CrawlJobs Logo

Lead Security Operations Engineer

United States, Austin · Job Posted February 18, 2026
Apply Position
Job Link Share

Job Description

We are looking for a Lead Security Operations Engineer to design, implement, and lead our Security Orchestration, Automation, and Response (SOAR) platform. In this role, you'll be the technical leader responsible for building and optimizing our security automation capabilities. You will work with a diverse set of technologies, including various security tools, APIs, and cloud services, to streamline our security operations and enhance our incident response efficiency. Your expertise will directly contribute to safeguarding Take-Two and its labels systems, networks, and data.

Job Responsibility

  • SOAR Platform Management: Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Automation and Optimization: Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Technical Leadership: Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Collaboration and Strategy: Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Documentation and Reporting: Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Change Management and Maintenance: Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends

Requirements

  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python

Nice to have

  • Relevant industry certifications such as GCED, GCIH, GMON, CEH, etc. or other certifications from organizations like ISC2 or CompTIA
  • Proficiency in programming and scripting languages common to security such as Python, Go, Bash, or Powershell, Javascript
  • Knowledge of security frameworks including MITRE Att&ck, NIST, etc.
  • Prior experience leading a small team or a project

What we offer

  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Stocked pantries

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead Security Operations Engineer

8 matching positions

Security Engineer (Security Operations)

Everlaw is looking for a Security Engineer. Reporting to the Manager, Security E...
Location
Location
United States , Oakland
Salary
Salary:
159000.00 - 201000.00 USD / Year
everlaw.com Logo
Everlaw
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 1-3 years of experience working in a security-focused role
  • Experience in handling security events and incidents from initial triage through to remediation
  • Programming skills in at least one scripting language (like Python) and are comfortable navigating a Linux environment
  • Experience with security tools like vulnerability scanners (Nessus/Trivy), HIDS/NIDS (Wazuh/Zeek), and SIEM/SOAR platforms (Splunk/ELK/Datadog)
  • Understand the vulnerability lifecycle and have experience detecting, prioritizing, and remediating vulnerabilities
  • Written detection rules and response processes for security specific events
  • Can explain technical concepts without jargon, keeping security relatable so that others can solve problems with your support
  • Balance strong protections with enabling people to do their work, finding ways to improve security without blocking innovation
  • Authorized to work in the United States without restrictions
Job Responsibility
Job Responsibility
  • Support the team to drive improvements in our vulnerability management, threat detection, and incident response capabilities, contributing your perspective to help the team grow
  • Triage security events and respond to security incidents, taking action to contain them, guiding recovery of normal operations, and reducing the likelihood of recurring threats
  • Strengthen threat detection and response systems that safeguard both our cloud infrastructure, third-party integrations, and platform services
  • Develop and refine security processes, procedures, and runbooks that allow our security posture to scale as the company grows
  • Manage and tune AWS security services (IAM, Security Hub, GuardDuty, Config) for effective threat detection, access control, and continuous monitoring
  • Collaborate with Engineering, Engineering Operations, Corporate Security, and GRCT teams to help meet our operational security commitments by probing for vulnerabilities, assessing risk, and advising on how to respond to them
  • Advise other engineers and partners on building a secure platform by leading threat modeling sessions, conducting security design reviews, and reviewing code and configuration changes for security concerns
  • Proactively solve security challenges and foster a security mindset with innovative, security-conscious coworkers across Everlaw
What we offer
What we offer
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Downtown Oakland, just steps from the BART line and dozens of restaurants
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Security Operations

The senior security engineer role provides a unique opportunity to shape the sec...
Location
Location
United States , REMOTE; SAN FRANCISCO; ROSEVILLE; LEHI; WEST PALM BEACH; IRVINE
Salary
Salary:
146000.00 - 170000.00 USD / Year
goodleap.com Logo
GoodLeap
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences
  • Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations
  • Experience with threat modeling methodologies
  • Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR
  • Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus)
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff
  • Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce
  • Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding
  • Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases
  • Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK
Job Responsibility
Job Responsibility
  • Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios
  • Support or develop components of the security analytics platform
  • Support embedded (product) security team
  • Support general security operations team with vulnerability management, tools management, and more
What we offer
What we offer
  • bonus
  • equity
  • Fulltime
Read More
Arrow Right

Staff Security Software Engineer - Security Operations

The Role GM’s Cybersecurity Team safeguards the company’s global information ...
Location
Location
United States , Austin
Salary
Salary:
Not provided
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years in software engineering with a focus on distributed systems, security integrations, and data platforms
  • Deep expertise building event-driven, horizontally scalable services and contract-first APIs
  • Track record productizing AI in security workflows (multi-agent patterns, RAG at scale, evaluation harnesses, guardrails, red-teaming)
  • Cloud architecture depth (Azure/AWS/GCP), including networking, Kubernetes, service meshes, observability stacks, and IaC at scale
  • Data platform expertise: streaming (Kafka/Event Hub/PubSub), vector/search (pgvector/FAISS/Pinecone), schema/versioning, governance/lineage
  • Demonstrated org-wide influence: authored standards, drove cross-team adoption, led multi-quarter programs to successful outcomes
  • Exceptional communication with executives
  • ability to frame risk, ROI, and tradeoffs succinctly
Job Responsibility
Job Responsibility
  • Set the reference architecture for security data integration and AI orchestration (agents, policy-guard railed workflows, governance)
  • Lead cross-org programs that unify SIEM/EDR/IAM/SSPM/CSPM/ITSM/cloud data models and establish single sources of truth
  • Operationalize AI at scale with safety, privacy, and governance—including data retention, PII controls, model routing, evaluation, and fallback strategies
  • Drive cost/performance optimization (throughput, latency, storage tiering, vector index strategies) for high-volume security telemetry
  • Influence vendor strategy and negotiate integration roadmaps
  • guide build-vs-buy decisions and multi-year investments
  • Mentor/coach Staff/Senior engineers
  • build a culture of design excellence, pragmatic risk management, and measurable outcomes
  • Communicate upward with crisp executive narratives, metrics, and business impact framing
What we offer
What we offer
  • Relocation benefits
  • Fulltime
Read More
Arrow Right

Security Operations Engineer - Program Operations

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Business, Operations, Supply Chain, Logistics, Computer Science, or related field AND 2+ years’ experience in program management, security operations, supply chain OR equivalent experience
  • 2+ years’ experience in operations, support or program management
  • 2+ years’ experience in supply chain or logistics management
  • 2+ years’ experience in overseeing large budgets, invoicing, and cost management
  • 1+ years’ experience in vendor management
  • 1+ years’ experience in data management and analytics (PowerBI, SQL, Kusto)
  • Prior experience leading or contributing to a large-scale, enterprise-wide product or service
Job Responsibility
Job Responsibility
  • Define, communicate and measure key success metrics to monitor program health
  • Create high quality, customer-facing documentation for onboarding, program processes, and self-help solutions
  • Track supplier performance against program success metrics, and address any gaps in service
  • Foster an environment of learning to develop product and service experts within the team
  • Implement telemetry and reporting pipelines across the program ecosystem to monitor program health, measure success, and inform roadmap planning
  • Effectively communicate status to key stakeholders, and make data-driven decisions
  • Manage invoicing, receipt and cost oversite for the secure device program
  • Generate demand a cost forecasts across multiple organizations across Microsoft, partnering closely with Finance Managers, hardware suppliers, and Business Managers
  • Manage procurement, distribution, and logistics for our global supply chain
  • Partner with Hardware OEMs to ensure device availability inventory health
  • Fulltime
Read More
Arrow Right

Senior Security Software Engineer - Security Operations

The Role GM’s Cybersecurity Team safeguards the company’s global information ass...
Location
Location
United States , Warren
Salary
Salary:
125200.00 - 158600.00 USD / Year
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years in software security engineering
  • advanced proficiency in modern programming languages
  • Expert in API development, microservices, event streaming, and idempotent integration patterns
  • Experience deploying software using any modern CI/CD pipeline and automated delivery practices
  • Hands-on with security tooling integrations (e.g., SIEM, EDR, SSPM)
  • Proven AI integration experience: LLM agents, embeddings, vector databases, RAG, prompt engineering
  • Cloud proficiency (Azure/AWS/GCP) and IaC (Terraform/Bicep/ARM/CloudFormation)
  • Data engineering fluency: ETL/ELT, schema design, normalization/enrichment
  • formats (JSON, YAML, syslog, STIX/TAXII)
  • Excellent cross-functional communication
Job Responsibility
Job Responsibility
  • Own architecture & delivery for complex integration services (APIs, microservices, event-driven workflows) with production SLIs/SLOs
  • Build AI-driven workflows (RAG, summarization, classification, agents) that augment investigations, triage, and orchestration
  • Create reusable connectors bridging SIEM/EDR/IAM/SSPM/ITDR/ITSM and cloud telemetry with robust error handling, retries, and DLQs
  • Implement security automation (SOAR-like playbooks) that enrich alerts and trigger deterministic + AI-assisted responses
  • Harden and observe services with CI/CD, automated testing, performance profiling, metrics, and incident runbooks
  • Mentor engineers and lead technical design reviews, coding standards, and reference implementations
  • Translate requirements into clear epics/roadmaps
  • align stakeholders and deliver on time with quality
What we offer
What we offer
  • medical
  • dental
  • vision
  • Health Savings Account
  • Flexible Spending Accounts
  • retirement savings plan
  • sickness and accident benefits
  • life insurance
  • paid vacation & holidays
  • incentive pay program based on company, job level, and individual performance
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, Enterprise Security Operations

We're searching for a Staff Security Engineer, Enterprise Security Operations to...
Location
Location
United States , Detroit
Salary
Salary:
171000.00 - 273000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of hands-on experience in enterprise security operations, security platform administration, or a senior SOC engineering role
  • Expert-level proficiency administering and operating at least two enterprise security platforms (e.g., CrowdStrike, SentinelOne, Splunk, Panther, Sentinel, Jamf, Kandji/Iru, Puppet, WorkspaceONE, Intune, Zscaler, Okta, Proofpoint, Wiz, osquery)
  • Demonstrated ability to tune and optimize security platforms beyond out-of-the-box configurations
  • Strong log analysis and threat hunting skills
  • Experience conducting thorough incident investigations
  • Ability to assess security control effectiveness
  • Comfort working under pressure in ambiguous, fast-moving situations with competing priorities
Job Responsibility
Job Responsibility
  • Own the operational health, configuration, and continuous improvement of Aurora's enterprise security platform stack
  • Develop and refine detection rules, correlation logic, and alert policies
  • Conduct proactive threat hunting across Aurora's security telemetry
  • Serve as the deepest internal expert on Aurora's enterprise security tooling
  • Participate in the team's on-call rotation, leading deep-dive investigations into security alerts and incidents
  • Continuously audit and validate that existing security controls are configured correctly
  • Maintain operational runbooks, detection documentation, and platform configuration records
What we offer
What we offer
  • Annual bonus
  • Equity compensation
  • Benefits
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, Enterprise Security Operations

We're searching for a Staff Security Engineer, Enterprise Security Operations to...
Location
Location
United States , San Francisco
Salary
Salary:
189000.00 - 303000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of hands-on experience in enterprise security operations, security platform administration, or a senior SOC engineering role
  • Expert-level proficiency administering and operating at least two enterprise security platforms (e.g., CrowdStrike, SentinelOne, Splunk, Panther, Sentinel, Jamf, Kandji/Iru, Puppet, WorkspaceONE, Intune, Zscaler, Okta, Proofpoint, Wiz, osquery)
  • Demonstrated ability to tune and optimize security platforms beyond out-of-the-box configurations
  • Strong log analysis and threat hunting skills
  • Experience conducting thorough incident investigations
  • Ability to assess security control effectiveness
  • Comfort working under pressure in ambiguous, fast-moving situations with competing priorities
Job Responsibility
Job Responsibility
  • Own the operational health, configuration, and continuous improvement of Aurora's enterprise security platform stack
  • Develop and refine detection rules, correlation logic, and alert policies
  • Conduct proactive threat hunting across Aurora's security telemetry
  • Serve as the deepest internal expert on Aurora's enterprise security tooling
  • Participate in the team's on-call rotation, leading deep-dive investigations into security alerts and incidents
  • Continuously audit and validate that existing security controls are configured to actually do what they are supposed to do
  • Maintain operational runbooks, detection documentation, and platform configuration records
What we offer
What we offer
  • Annual bonus
  • Equity compensation
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, Enterprise Security Operations

Aurora’s mission is to deliver the benefits of self-driving technology safely, q...
Location
Location
United States , Pittsburgh
Salary
Salary:
171000.00 - 273000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of hands-on experience in enterprise security operations, security platform administration, or a senior SOC engineering role
  • Expert-level proficiency administering and operating at least two enterprise security platforms (e.g., CrowdStrike, SentinelOne, Splunk, Panther, Sentinel, Jamf, Kandji/Iru, Puppet, WorkspaceONE, Intune, Zscaler, Okta, Proofpoint, Wiz, osquery), with strong working knowledge across several others
  • Demonstrated ability to tune and optimize security platforms beyond out-of-the-box configurations
  • Strong log analysis and threat hunting skills
  • Experience conducting thorough incident investigations — triage, containment, root cause analysis, and post-incident review
  • Ability to assess security control effectiveness
  • Comfort working under pressure in ambiguous, fast-moving situations with competing priorities
Job Responsibility
Job Responsibility
  • Own the operational health, configuration, and continuous improvement of Aurora's enterprise security platform stack
  • Develop and refine detection rules, correlation logic, and alert policies, reducing noise while ensuring Aurora maintains high-fidelity coverage against real threats
  • Conduct proactive threat hunting across Aurora's security telemetry
  • Serve as the deepest internal expert on Aurora's enterprise security tooling, acting as the escalation point for complex platform issues
  • Participate in the team's on-call rotation, leading deep-dive investigations into security alerts and incidents
  • Continuously audit and validate that existing security controls are configured to actually do what they're supposed to do
  • Maintain operational runbooks, detection documentation, and platform configuration records
What we offer
What we offer
  • Annual bonus
  • Equity compensation
  • Benefits
  • Fulltime
Read More
Arrow Right