Principal Analyst Cyber Security Operations - SOAR

The Principal Analyst Cyber Security Operations - SOAR will lead the engineering and development of advanced enterprisewide detection and threat analytics capabilities, driving security engineering strategy, AI-enhanced detection logic, threat modeling, and continuous tuning across diverse platforms.

Requirements

• Lead architecture, development, and maintenance of SOAR playbooks and automation pipelines
• Automate repetitive security operations and security engineering workflows
• Integrate security tools and platforms using APIs, scripting, and microservices
• Improve MTTR and reduce operational overhead through intelligent automation
• Develop KPIs to measure automation impact and report operational improvements
• Lead POCs for new automation platforms and evaluate opportunities for AI-based operations
• Provide mentorship and code reviews for automation engineers and analysts
• Partner with security engineering on telemetry strategy, logging requirements, and architectural standards for monitoring visibility
• Integrate AI/ML-driven detection capabilities into existing pipelines
• Maintain ingestion pipelines, parsing logic, normalization rules, and event taxonomies across critical log sources
• Lead the design, implementation, and optimization of enterprisewide detection content
• Develop detection playbooks and logic focused on lateral movement, credential abuse, insider threats, privilege escalation, cloud compromise, and advanced persistent threats
• Tune, optimize, and enrich detection pipelines with contextual data
• Mentor analysts and engineers globally on detection logic development, data analytics, and platform best practices
• Serve as a senior escalation point for complex security incidents and investigations

Benefits

• medical, dental, and vision insurance
• 401(k) with company match
• paid time off
• parental leave
• performance-based bonuses