Responsibilities
As a Senior Security Engineer (SOAR/Automation), you'll build automation that improves SOC efficiency, reduces analyst workload, and accelerates incident response.
We are looking for:
SOAR Ownership & Engineering
- Proven experience building, maintaining, and optimizing automated workflows and playbooks within a SOAR platform (e.g., Palo Alto XSOAR, Splunk SOAR).
- Strong background integrating SIEM, EDR, NDR, cloud logging platforms, and ticketing systems into end-to-end automated workflows.
- Ability to identify and automate repetitive SOC tasks to reduce analyst workload and accelerate incident response.
AI/LLM-Driven Automation
- Hands-on experience using AI and LLM tools (e.g., GPT, security-specific copilots) to enhance detection, triage, and analyst workflows.
- Focus on operational implementation: leveraging AI/LLM outputs to improve decision-making and workflow efficiency.
Scripting & Software Development Practices
- Proficiency in scripting languages such as Python, Go, PowerShell, or similar.
- Familiarity with Git-based version control, CI/CD pipelines, and treating automation artifacts as production-grade software.
- Ability to write clean, modular, and well-documented code that scales across SOC environments.
What is your background?
- A related degree or comparable formal training, certification, or work experience
- 5+ years of experience designing / developing / configuring / implementing / supporting systems and multi-vendor, diverse security solutions at a large scale.
- 3+ years of experience in information security or IT risk management / compliance
- Experience with published standards, guidance, and frameworks related to info security architecture / controls and practical implementation techniques in an enterprise required.
- Experience with network protocols, PKI, secrets management, and platform / OS security
- Experience working with public cloud infrastructures.
- One or more professional security certifications (e.g., CISSP, OSCP, OSCE, GCIH, CASP, AWS Security)
What is the work?
Design & Development / Information Technology:
- Owns products of H-E-B's information security stack; leads planning, implementation, lifecycle, and care for security measures and controls related to security monitoring, detection, and incident response.
- Assesses existing security posture against industry best practices and control frameworks; proposes solutions and improvements.
- Investigates intrusion attempts, security incidents, malware infections, exploit attempts, and internet usage anomalies; analyzes / investigates security alerts; helps execute threat responses.
- Establishes plans and protocols to protect data and info systems against unauthorized access, modification, and destruction.
- Works with H-E-B teams and external security solution vendors to scope / configure / validate solutions that support our security posture.
- Works with information system owners and Administrators to design / propose / implement security relevant standards, techniques, and processes.
- Collaborates with other engineering teams to lead / drive software-defined infrastructure environment, configuration and build scripts, and CI / CD security components.
- Educates on / ensures others understand implementation of security controls and solutions; ensures gaps, dependencies, and defects are identified / addressed.
- Researches / stays current on emerging technologies, threats, and solutions; helps evaluate technologies that align with business goals, reduce costs, and improve reliability, scalability, and security.
- Champions information security: shares / promotes security and safe operating procedures.
- May coach / mentor team Partners
Do you have what it takes to be an H-E-B Senior Security Engineer?
- Strong working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
- Strong working knowledge of Python, Golang, JavaScript, PowerShell, or *nix Shell scripting
- Strong working knowledge of IaC platforms (e.g., Terraform, AWS CloudFormation)
- Working knowledge of security issues for desktop, virtual, cloud services, and network infrastructures
- Familiarity with security technologies such as SIEM, SOAR, EDR, NDR, FIM, and DLP
- Familiarity with related industry regulations (e.g., PCI DSS, HIPAA)
- Strong interpersonal skills and collaborative mindset
- Strong verbal / written communication skills
- Strong time management and prioritization skills
- Understanding of Agile and other project management methodologies
- Ability to professionally manage confidential information.
- Ability to work well under pressure.