Sr. Security Incident Management and Response Automation Engineer

Job Description And RequirementsSr. Security Incident Management and Response Automation EngineerAt SIG, Synopsys’ Software Integrity Group, we are enthusiastic learners and seasoned inventors. We are makers and visionaries who make technology safer. We are innovators who develop the best solutions to keep your software safe. Whether you’re selling it directly to your customers or relying on it to run your operations, SIG helps you protect your bottom line by building trust in your software—at the speed your business demands. We embrace diversity as a company, so we can create solutions that serve not just technology but the humans behind it.The Cybersecurity team is seeking a passionate, experienced, and collaborative practitioner to be a key member of our security operations team.The Sr. Security Incident Management and Response Automation Engineer improves security event detection capabilities and leads response automation efforts across diverse security tooling and enterprise operating environments. This individual contributor monitors threats, trends, and attack patterns, partnering with security operations center analysts and business stakeholders to create relevant, actionable security content representations while balancing the need for high-fidelity detections and false positive reduction.Key ResponsibilitiesLeads content building, tuning, and content lifecycle management using a variety of SIEM, endpoint, network, and cloud security tools Guides research, mentors junior staff, and keeps current on the latest emerging threats, attack patterns, and adversaries Works closely with security analysts and SOC staff to refine detections and reduce false positivesLearns about business initiatives, products, and attack surface to drive relevant security detectionsPartners with stakeholders to drive improvements in technology and policy governanceLeads threat intelligence-gathering activities and conduct hypothesis-driven threat-hunting activitiesQualificationsStrong written and verbal communication skills; ability to establish and maintain strong working relationships with other functional groupsDemonstrates experience building security content for a variety of detection technologies such as Network and Host Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR), and SIEMPossesses knowledge of a variety of threats, malicious actor personas, attack patterns, exploits, and common vulnerabilitiesUnderstands the MITRE ATT&CK Frameworks, Cyber Kill Chain, and Diamond Model conceptsHas prior experience as an incident responder, a security operations analyst, or security engineerDemonstrates and understanding of current and emerging security threatsPrior experience conducting and leading threat-hunting activitiesProficient with Regular Expressions (RegEx), SQL queries, YARA rules, network packet analysis, and JSONUnderstanding of common attack patterns and Indicators of Compromise (IoCs) across Windows, MacOS, and Linux-based operating systemsHands-on experience conducting data ingestion, parsing, normalization, and building alerting rules using an enterprise-grade SIEM solution (e.g., Elastic, Splunk, QRadar, SumoLogic, etc.)Malware analysis experience and reverse-engineering skillsExperience creating scripts using Python or similar languagesExperience in incident investigations and response, computer forensics preferredThorough understanding of foundational operating system and networking concepts, including standard protocols such as TCP, HTTPS, SSH, RDP, etc.7+ years in an incident response role or working in or with a security operations center5+ years of experience in evaluating, deploying, and managing endpoint, network, and cloud security toolingBachelor’s degree in information security, computer science, or a related field or equivalent combination of education, training, and experienceHolds or is willing to obtain job-related security certificationsStrong communication skillsAbout The Synopsys Software Integrity GroupSynopsys Software Integrity Group helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.For more information, go to www.synopsys.com/software.Synopsys considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Synopsys complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Synopsys Inc. also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.The base salary range across the U.S. for this role is between $137,000-$205,000. In addition, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request.Job CategoryInformation TechnologyCountryUnited StatesJob SubcategoryIT SecurityHire TypeEmployeeBase Salary Range$137,000-$205,000