Jobs · Engineering · Texas

Senior Security Engineer

Continental General · Austin, TX · 1 mo ago
HybridEngineering$79k–$130k/yrFull-time

About the role

The Senior Security Engineer is a hands-on technical contributor responsible for advancing security platforms, detections, automation, and cloud security capabilities across AWS, SaaS, and enterprise environments.

Responsibilities

  • Own engineering and advanced configuration across SIEM, SOAR, CSPM, EDR, SASE, and data security platforms.
  • Build integrations, logging pipelines, and enrichment logic across AWS, SaaS, and identity providers.
  • Contribute to platform strategy, participate in technology selection and proof-of-concept evaluations.
  • Apply and help refine engineering standards for logging, telemetry, detection content, and automation practices.
  • Develop and tune detections mapped to MITRE ATT&CK, cloud threats, and environment-specific risk.
  • Build enrichment pipelines, correlation logic, and advanced SIEM analytics (Splunk SPL).
  • Identify logging and telemetry gaps and engineer new data sources across AWS and SaaS platforms.
  • Partner with threat intelligence to incorporate adversary behaviors into detection logic and hunting hypotheses.
  • Design and implement SOAR playbooks, enrichment workflows, and automated response actions.
  • Develop automation scripts and APIs (Python, PowerShell, Bash) for security operations functions.
  • Use AI-assisted development tools to accelerate automation build-out, reduce manual workflows, and improve iteration speed on security engineering tasks.
  • Proactively evaluate emerging AI tooling, agentic workflows, and automation integrations for applicability to security operations; bring validated approaches to the team before they become industry standard practice.
  • Engineer cloud security controls and observability across multi-account AWS environments.
  • Extend CSPM capabilities with custom rules, policies, automation, and remediation pathways.
  • Implement and maintain AWS security guardrails across Security Hub, GuardDuty, Inspector, Macie, CloudTrail, and IAM.
  • Collaborate with cloud engineering and DevOps teams on secure architectures, monitoring patterns, and CloudWatch Logs data protection (PII/PHI masking).
  • Support technical implementation and optimization of SASE platforms, including SWG, CASB, and ZTNA control.
  • Engineer data visibility and protection controls across SaaS, cloud storage, and API environments.
  • Partner with identity and security teams to drive Zero Trust-enabling controls and telemetry expansion.
  • Support AppSec and API security by integrating telemetry, SAST/DAST findings, and runtime controls into detection workflows.
  • Engineer detection patterns for OWASP Top 10 vulnerabilities and API misuse patterns.
  • Collaborate with DevSecOps to automate application security validation and implement CI/CD security guardrails.
  • Serve as technical engineering escalation during active security investigations and incident response.
  • Build IR automation, forensic data integrations, and evidence collection workflows.
  • Implement corrective technical controls resulting from post-incident analysis and lessons learned.
  • Contribute engineering work to runbooks, playbooks, and automation patterns shared with the SOC.

Qualifications

  • 5+ years of security engineering, detection engineering, or advanced security operations experience; or the equivalent years of education and experience required.
  • Expertise with SIEM detection development and correlation logic (Splunk preferred), including advanced SPL and analytics authoring.
  • Strong AWS security engineering experience across multi-account environments, including Security Hub, GuardDuty, Inspector, Macie, CloudTrail, and IAM.
  • Proficiency with SOAR platforms and automation scripting (Python, PowerShell, Bash) for SecOps workflow automation.
  • Experience with SASE technologies (SWG, CASB, ZTNA) and/or DSPM platforms in an enterprise environment.
  • Deep working knowledge of adversary TTPs and the MITRE ATT&CK framework applied to detection engineering and threat modeling.
  • Experience integrating cloud and SaaS telemetry into detection and incident response workflows.
  • Genuine curiosity and an early-mover instinct for emerging technologies, including AI-assisted development tools such as Claude Code; demonstrated habit of evaluating and adopting new capabilities ahead of the curve to improve security posture and reduce manual workflows.
  • Self-directed working style with the ability to scope, prioritize, and execute engineering work autonomously across concurrent initiatives without close direction.

Similar jobs

Senior Security Engineer

Greenlight NetworksBaltimore, MD· 1 mo ago
Information Technologyapply on recruiting.myapps.paychex.com

Senior Security Engineer

Beyond FinanceChicago, IL· 2 wk ago
Information Technology$140k–$165k/yrapply on job-boards.greenhouse.io