Senior Security Automation Engineer (Remote in EST)
GuidePoint Security · United States · 3 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller focusing exclusively on Information Security. This position offers a unique and rare opportunity to grow your career with one of the fastest-growing companies in the nation.
Responsibilities
- Design and build security automation/orchestration workflows
- Integrate security and IT systems via REST APIs, webhooks, and JSON
- Script custom logic, data transforms, and handle within automated workflows
- Decompose manual security processes into reliable automated workflows, including error handling, conditional logic, and secure runs
- Use emerging technologies like AI tools to work smarter, solve problems, and drive better business outcomes
- Translate client automation requirements into a build plan
- Work with cloud native security tooling and have prior delivery experience in a consulting, professional services, or MSSP environment
- Have detection engineering exposure in areas such as detections-as-code (DaC), Sigma, or similar
- Practice version control and automation-as-code (Git or similar)
Requirements
- 5+ years in security operations with a working understanding of how a SOC functions end to end
- 3+ years specifically designing and building security automation/orchestration workflows
- Hands-on experience with at least one SOAR/automation platform: Tines, Torq, or Cortex XSOAR
- Proficiency integrating security and IT systems via REST APIs, webhooks, and JSON
- Scripting ability, primarily Python, for custom logic, data transforms, and handling within automated workflows
- Familiarity with tooling categories automations connect to: SIEM, EDR/XDR, ticketing (ServiceNow, Jira), threat intelligence, and email security
- Experience with cloud native security tooling and familiarity with AWS or Azure
- Platform or vendor certifications: Tines, Torq, Cortex XSOAR; or SIEM/EDR certs (such as Splunk, Microsoft Sentinel, CrowdStrike)
- Prior delivery experience in a consulting, professional services, or MSSP environment
- Detection engineering exposure in areas such as detections-as-code (DaC), Sigma, or similar
- Version control and automation-as-code practices (Git or similar repo controls)
Qualifications
- Working knowledge of the tooling categories automations connect to: SIEM, EDR/XDR, ticketing (ServiceNow, Jira), threat intelligence, and email security
- Ability to independently scope automation requirements with clients and translate them into a build plan
- Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes
- Familiarity using LLMs in a development and automation context, including AI assisted or agentic coding tools such as Claude Code or Codex; exposure to MCP based integrations is a plus
Skills
- Python scripting
- REST APIs, webhooks, and JSON integration
- SIEM, EDR/XDR, ticketing (ServiceNow, Jira), threat intelligence, and email security tooling
- AI tools and LLMs in a development and automation context
- Cloud native security tooling (AWS or Azure)
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Pay
Compensation is commensurate with experience.
Schedule
The position is remote primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions).