Shire Jobs

Security Incident Management and Response Automation Engineer 50729BR USA - Florida - Oviedo, USA - Georgia - Atlanta, USA - Illinois - Chicago, USA - Illinois - Schaumburg, USA - Indiana - Bloomington, USA - Indiana - Indianapolis, USA - Maryland - Columbia, USA - Massachusetts - Boston, USA - Massachusetts - Boxborough, USA - Massachusetts - Burlington, USA - Massachusetts - Marlboro, USA - Michigan - Detroit, USA - Michigan - Novi, USA - Minnesota - Bloomington, USA - Minnesota - Minneapolis, USA - Minnesota - Roseville, USA - Morrisville - North Carolina, USA - New Jersey - Bedminster, USA - New Jersey - Newark, USA - New York - New York City, USA - New York - Ossining, USA - North Carolina - Durham, USA - Ohio - Cincinnati, USA - Ohio - Columbus, USA - Oregon - Hillsboro, USA - Pennsylvania - Allentown, USA - Tennessee - Nashville, USA - Texas - Addison, USA - Texas - Austin, USA - Texas - Dallas, USA - Texas - Houston, USA - Texas - Plano, USA - Virginia - Dulles, USA - Virginia - Herndon, USA - Washington - Bellevue, USA - Washington - Seattle, USA - Washington DC, USA - Williston - Vermont Job Description and Requirements Security Incident Management and Response Automation Engineer At SIG, Synopsys' Software Integrity Group, we are enthusiastic learners and seasoned inventors. We are makers and visionaries who make technology safer. We are innovators who develop the best solutions to keep your software safe. Whether you're selling it directly to your customers or relying on it to run your operations, SIG helps you protect your bottom line by building trust in your software-at the speed your business demands. We embrace diversity as a company, so we can create solutions that serve not just technology but the humans behind it. The Cybersecurity team is seeking a passionate, experienced, and collaborative practitioner to be a key member of our security operations team. The Security Incident Management and Response Automation Engineer improves security event detection capabilities and response automation across diverse security tooling and enterprise operating environments. This individual contributor monitors threats, trends, and attack patterns, partnering with security operations center analysts and business stakeholders to create relevant, actionable security content representations while balancing the need for high-fidelity detections and false positive reduction. Key Responsibilities Manages content building, tuning, and content lifecycle management using a variety of SIEM, endpoint, network, and cloud security tools Researches and keeps current on the latest emerging threats, attack patterns, and adversaries Works closely with security analysts and SOC staff to refine detections and reduce false positives Partners with stakeholders to drive improvements in technology and policy governance Gather threat intelligence and conduct hypothesis-driven threat-hunting activities Qualifications Strong written and verbal communication skills; ability to establish and maintain strong working relationships with business groups Demonstrates experience building security content for a variety of detection technologies such as Network and Host Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR), and SIEM Possesses knowledge of a variety of threats, malicious actor personas, attack patterns, exploits, and common vulnerabilities Understands the MITRE ATT&CK Frameworks, Cyber Kill Chain, and Diamond Model concepts Has prior experience as an incident responder, a security operations analyst, or security engineer Demonstrates and understanding of current and emerging security threats Prior experience conducting threat-hunting activities Proficient with Regular Expressions (RegEx), SQL queries, YARA rules, network packet analysis, and JSON Understanding of common attack patterns and Indicators of C