Senior Lead Engineer
IT Infrastructure
5-10 years
Romania - Cluj-Napoca
Security, SIEM (Security Information and Event Management)
Remote
The primary objective of this engagement is to measurably improve security detection quality and response automation while operationalizing the target-state SaaS security architecture. This project focuses on execution and enforcement—transforming documented governance models into active, measurable security controls integrated within daily operations.
The Security Operations & Automation team is responsible for the technical defense and rapid response capabilities of the organization. The team focuses on bridging the gap between security strategy and technical execution through engineering-led detection and automated response.
Hands-on SaaS Security: Direct experience securing SaaS environments at scale, including inventory management, risk classification, and ownership models.
Detection Authoring: Proven track record of personally designing or significantly improving SIEM detections based on realistic attacker behavior.
Automation Expertise: Experience building SOAR automation that includes automated response actions and considers safety/rollback procedures.
Incident Frameworks: Deep familiarity with incident response processes and the ability to map detections to the MITRE ATT&CK matrix.
MDR Partnership: Prior experience working effectively with third-party SOC/MDR providers to improve alert quality and tune out noise.
Preferred Certifications:
GCED (GIAC Certified Enterprise Defender)
GCIA (GIAC Certified Intrusion Analyst)
GCIH (GIAC Certified Incident Handler)
CISSP (with strong technical depth), CRTO (Certified Red Team Operator), or GCFA
Platform-specific certs: Microsoft Sentinel, Splunk, Elastic, or Cloud Security (AZ-500/AWS Security)
– Detection Engineering: Design and implement high-value SIEM detections focused on SaaS abuse, identity compromise, and data exfiltration, ensuring all logic is mapped to the MITRE ATT&CK framework.
– SOAR Automation: Build sophisticated playbooks that go beyond simple data enrichment to include complex decision logic and automated response actions that measurably reduce Mean Time to Respond (MTTR).
– SaaS Security Enforcement: Operationalize SaaS security controls including Data Loss Prevention (DLP), session/access controls, and monitoring/alerting across existing platforms.
– MDR Integration: Act as the primary technical point of contact for Arctic Wolf integration, creating feedback loops and operational workflows to ensure external alerts are actionable within internal processes.
– Audit & Metrics: Produce evidence-ready reporting for compliance reviews and establish a baseline for key performance indicators such as MTTD, MTTR, and alert signal quality.
– Technical Leadership: Define standards for detection and automation, approve designs from Tier 2 engineers, and conduct knowledge-transfer sessions for internal teams.
Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders.
Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.
Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.
Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!
High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.
GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.