
About the role
This position is a member of the Security Threat and Response Management (STRM) team, which is responsible for security monitoring and response functions for Mastercard, accounting for both physical and cyber security events. The engineer will build new software capabilities, support existing solutions, provide technical oversight and lend their expertise to the program.
* Design and build automated playbooks in the SOAR platform for common incident response use cases.
* Mentor analysts on detection logic, search optimization, and investigation best practices.
* Write custom scripts (primarily in Python) for integrations, automation, and enrichment tasks.
* Create and maintain documentation for detections, use cases, and automation processes.
* Collaborate with Threat Intelligence, Incident Response, and DevSecOps teams to align detection and response efforts.
* Continuously assess and improve security posture through automation and process refinement.
* Stay current on threat trends, emerging technologies, and advancements in detection and SOAR use cases.
All about you
* Strong programming skills, with familiarity in Python (Java is an added advantage) and their associated frameworks, for scripting, development, and automation.
* Good understanding of microservices architecture and experience in designing, developing, and deploying microservices-based applications.
* Solid understanding of security operations and incident response workflows.
* Ability to mentor and guide junior team members on detection logic and investigation strategy.
* Familiarity with the MITRE ATT&CK framework and applying it to automation development.
* Experience integrating various security tools and data sources within the Splunk ecosystem.
* Knowledge of REST APIs and building integrations with third-party tools.
* Prior experience in Security Engineering or Security Operations is a plus.
* Deep expertise in Splunk Enterprise Security (ES) and Splunk SOAR (formerly Phantom) is a plus.
Job ID: 140198655