Description
The primary objective of this engagement is to measurably improve security detection quality and response automation while operationalizing the target-state SaaS security architecture. This project focuses on execution and enforcement—transforming documented governance models into active, measurable security controls integrated within daily operations.
The Security Operations & Automation team is responsible for the technical defense and rapid response capabilities of the organization. The team focuses on bridging the gap between security strategy and technical execution through engineering-led detection and automated response.
Requirements
Hands-on SaaS Security: Direct experience securing SaaS environments at scale, including inventory management, risk classification, and ownership models.
Detection Authoring: Proven track record of personally designing or significantly improving SIEM detections based on realistic attacker behavior.
Automation Expertise: Experience building SOAR automation that includes automated response actions and considers safety/rollback procedures.
Incident Frameworks: Deep familiarity with incident response processes and the ability to map detections to the MITRE ATT&CK matrix.MDR
Partnership: Prior experience working effectively with third-party SOC/MDR providers to improve alert quality and tune out noise.
Preferred Certifications:
GCED (GIAC Certified Enterprise Defender)
GCIA (GIAC Certified Intrusion Analyst)
GCIH (GIAC Certified Incident Handler)
CISSP (with strong technical depth), CRTO (Certified Red Team Operator), or GCFA
Platform-specific certs: Microsoft Sentinel, Splunk, Elastic, or Cloud Security (AZ-500/AWS Security)
Job responsibilities
Detection Engineering: Design and implement high-value SIEM detections focused on SaaS abuse, identity compromise, and data exfiltration, ensuring all logic is mapped to the MITRE ATT&CK framework.
– SOAR Automation: Build sophisticated playbooks that go beyond simple data enrichment to include complex decision logic and automated response actions that measurably reduce Mean Time to Respond (MTTR).
– SaaS Security Enforcement: Operationalize SaaS security controls including Data Loss Prevention (DLP), session/access controls, and monitoring/alerting across existing platforms.MDR Integration: Act as the primary technical point of contact for Arctic Wolf integration, creating feedback loops and operational workflows to ensure external alerts are actionable within internal processes.
– Audit & Metrics: Produce evidence-ready reporting for compliance reviews and establish a baseline for key performance indicators such as MTTD, MTTR, and alert signal quality.
– Technical Leadership: Define standards for detection and automation, approve designs from Tier 2 engineers, and conduct knowledge-transfer sessions for internal teams.
What we offer
Empowering Projects: With 500+ clients spanning diverse industries and domains, we provide an exciting opportunity to contribute to groundbreaking projects that leverage cutting-edge technologies. As a team, we engineer digital products that positively impact people’s lives.
Empowering Growth: We foster a culture of continuous learning and professional development. Our dedication is to provide timely and comprehensive assistance for every consultant through our dedicated Learning & Development team, ensuring their continuous growth and success.
DE&I Matters: At GlobalLogic, we deeply value and embrace diversity. We are dedicated to providing equal opportunities for all individuals, fostering an inclusive and empowering work environment.
Career Development: Our corporate culture places a strong emphasis on career development, offering abundant opportunities for growth. Regular interactions with our teams ensure their engagement, motivation, and recognition. We empower our team members to pursue their career goals with confidence and enthusiasm.
Comprehensive Benefits: In addition to equitable compensation, we provide a comprehensive benefits package that prioritizes the overall well-being of our consultants. We genuinely care about their health and strive to create a positive work environment.
Flexible Opportunities: At GlobalLogic, we prioritize work-life balance by offering flexible opportunities tailored to your lifestyle. Explore relocation and rotation options for diverse cultural and professional experiences in different countries with our company.
About GlobalLogic
GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.
