Sr. Security Incident Management and Response Automation Engineer

50728BR

USA - Florida - Oviedo, USA - Georgia - Atlanta, USA - Illinois - Chicago, USA - Illinois - Schaumburg, USA - Indiana - Bloomington, USA - Indiana - Indianapolis, USA - Maryland - Columbia, USA - Massachusetts - Boston, USA - Massachusetts - Boxborough, USA - Massachusetts - Burlington, USA - Massachusetts - Marlboro, USA - Michigan - Detroit, USA - Michigan - Novi, USA - Minnesota - Bloomington, USA - Minnesota - Minneapolis, USA - Minnesota - Roseville, USA - Morrisville - North Carolina, USA - New Jersey - Bedminster, USA - New Jersey - Newark, USA - New York - New York City, USA - New York - Ossining, USA - North Carolina - Durham, USA - Ohio - Cincinnati, USA - Ohio - Columbus, USA - Pennsylvania - Allentown, USA - Tennessee - Nashville, USA - Texas - Addison, USA - Texas - Austin, USA - Texas - Dallas, USA - Texas - Houston, USA - Texas - Plano, USA - Virginia - Dulles, USA - Virginia - Herndon, USA - Washington - Bellevue, USA - Washington - Seattle, USA - Washington DC, USA - Williston - Vermont

Job Description and Requirements

Sr. Security Incident Management and Response Automation Engineer

At SIG, Synopsys' Software Integrity Group, we are enthusiastic learners and seasoned inventors. We are makers and visionaries who make technology safer. We are innovators who develop the best solutions to keep your software safe. Whether you're selling it directly to your customers or relying on it to run your operations, SIG helps you protect your bottom line by building trust in your software-at the speed your business demands. We embrace diversity as a company, so we can create solutions that serve not just technology but the humans behind it.

The Cybersecurity team is seeking a passionate, experienced, and collaborative practitioner to be a key member of our security operations team.

The Sr. Security Incident Management and Response Automation Engineer improves security event detection capabilities and leads response automation efforts across diverse security tooling and enterprise operating environments. This individual contributor monitors threats, trends, and attack patterns, partnering with security operations center analysts and business stakeholders to create relevant, actionable security content representations while balancing the need for high-fidelity detections and false positive reduction.

Key Responsibilities

• Leads content building, tuning, and content lifecycle management using a variety of SIEM, endpoint, network, and cloud security tools
• Guides research, mentors junior staff, and keeps current on the latest emerging threats, attack patterns, and adversaries
• Works closely with security analysts and SOC staff to refine detections and reduce false positives
• Learns about business initiatives, products, and attack surface to drive relevant security detections
• Partners with stakeholders to drive improvements in technology and policy governance
• Leads threat intelligence-gathering activities and conduct hypothesis-driven threat-hunting activities

Qualifications

• Strong written and verbal communication skills; ability to establish and maintain strong working relationships with other functional groups
• Demonstrates experience building security content for a variety of detection technologies such as Network and Host Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR), and SIEM
• Possesses knowledge of a variety of threats, malicious actor personas, attack patterns, exploits, and common vulnerabilities
• Understands the MITRE ATT&CK Frameworks, Cyber Kill Chain, and Diamond Model concepts
• Has prior experience as an incident responder, a security operations analyst, or security engineer
• Demonstrates and understanding of current and emerging security threats
• Prior experience conducting and leading threat-hunting activities
• Proficient with Regular Expressions (RegEx), SQL queries, YARA rules, network packet analysis, and JSON
• Understanding of common attack patterns and Indicators of Compromise (IoCs) across Windows, MacOS, and Linux-based operating systems
• Hands-on experience conducting data ingestion, parsing, normalization, and building alerting rules using an enterprise-grade SIEM solution (e.g., Elastic, Splunk, QRadar, SumoLogic, etc.)
• Malware analysis experience and reverse-engineering skills
• Experience creating scripts using Python or similar languages
• Experience in incident investigations and response, computer forensics preferred
• Thorough understanding of foundational operating system and networking concepts, including standard protocols such as TCP, HTTPS, SSH, RDP, etc.
• 7+ years in an incident response role or working in or with a security operations center
• 5+ years of experience in evaluating, deploying, and managing endpoint, network, and cloud security tooling
• Bachelor's degree in information security, computer science, or a related field or equivalent combination of education, training, and experience
• Holds or is willing to obtain job-related security certifications
• Strong communication skills

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

For more information, go to www.synopsys.com/software.

Synopsys considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Synopsys complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Synopsys Inc. also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.

The base salary range across the U.S. for this role is between $137,000-$205,000. In addition, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request.

Job Category

Information Technology

Country

United States

Job Subcategory

IT Security

Hire Type

Employee

Base Salary Range

$137,000-$205,000