Posted 6mo ago

Senior Security Automation & Detection Engineer

@ AspenView
Colombia or Argentina
Remote · Full Time
Responsibilities: EDR/XDR deployment, SOAR development, detection tuning
Requirements Summary: 5–8+ years in security engineering or automation; hands-on with EDR/XDR; SOAR experience; Python and PowerShell; enterprise security deployment; MITRE ATT&CK knowledge.
Technical Tools Mentioned: EDR/XDR, SOAR, Python, PowerShell, SIEM, MITRE ATT&CK
Job Description

About the Role

The Senior Security Automation & Detection Engineer is a key technical contributor responsible for the implementation, tuning, and automation of the Client’s endpoint security ecosystem. This role is designed for a hands-on expert who can take a technical requirement and turn it into a robust, automated defense mechanism.

You will focus on the deep engineering of EDR/XDR platforms and the development of sophisticated SOAR playbooks. Your goal is to ensure that security telemetry is not just collected, but used to trigger machine-speed responses that protect the enterprise 24/7.

What you will do:

EDR/XDR Engineering & Deployment

  • Execute the engineering, deployment, and configuration of enterprise EDR/XDR platforms (e.g., CrowdStrike, Microsoft Defender, SentinelOne, or Cortex XDR).
  • Implement endpoint policy hardening and behavioral analytics to reduce the attack surface across global environments.
  • Build and maintain complex detection rules and correlation logic tailored to identify advanced adversary TTPs.

SOAR & Automation Development

  • Design and develop automated SOAR playbooks and triage workflows to streamline incident handling.
  • Write custom scripts in Python and PowerShell to integrate security tools and automate repetitive tasks via APIs.
  • Build automated threat containment and incident enrichment pipelines to significantly reduce the Mean Time to Respond (MTTR).

Detection Tuning & Telemetry Correlation

  • Perform continuous detection tuning to reduce false positives and improve the fidelity of security alerts.
  • Correlate telemetry across multiple SIEM platforms to ensure visibility into lateral movement and persistence.
  • Support threat hunting efforts by providing high-quality telemetry and behavioral rule creation based on the MITRE ATT&CK framework.

Tools & Technologies:

  • EDR/XDR: Advanced hands-on experience with CrowdStrike, Microsoft Defender, SentinelOne, or Palo Alto Cortex XDR.
  • SOAR: Practical experience building workflows in Cortex XSOAR, Splunk SOAR, or Microsoft Sentinel (Logic Apps).
  • Languages: Strong proficiency in Python and PowerShell for security automation.
  • SIEM: Familiarity with Microsoft Sentinel, Splunk, or similar enterprise SIEMs.
  • Standards: Deep understanding of the MITRE ATT&CK framework.

What you bring:

  • 5–8+ years of hands-on experience in Security Engineering, Detection Engineering, or Security Automation.
  • Technical Autonomy: Proven ability to deploy and manage security platforms at an enterprise scale with minimal supervision.
  • Automation Skills: Experience writing code to automate security responses and integrate different technology stacks.
  • Analytical Precision: Ability to analyze raw telemetry and create effective detection logic.
  • Problem-Solving: A focus on operational efficiency and the removal of manual security tasks through engineering.
Equal Opportunity Employer:

AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.