Lead SOAR Engineer

Take-Two Interactive Software, Inc.

Location:
Las Vegas, United States

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are looking for a Lead Security Operations Engineer to design, implement, and lead our Security Orchestration, Automation, and Response (SOAR) platform. In this role, you'll be the technical leader responsible for building and optimizing our security automation capabilities. You will work with a diverse set of technologies, including various security tools, APIs, and cloud services, to streamline our security operations and improve our incident response efficiency. Your expertise will directly contribute to safeguarding the systems, networks, and data of Take-Two and its labels.

Job Responsibility:

  • Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends

Requirements:

  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python

Nice to have:

  • Relevant industry certifications such as GCED, GCIH, GMON, CEH, etc., or other certifications from organizations like ISC2 or CompTIA
  • Proficiency in programming and scripting languages common to security such as Python, Go, Bash, PowerShell, or JavaScript
  • Knowledge of security frameworks including MITRE ATT&CK, NIST, etc.
  • Prior experience leading a small team or a project

What we offer:
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, free games & events and stocked pantries

Additional Information:

Job Posted:
December 12, 2025

Employment Type:
Full-time
Work Type:
Hybrid work
Similar Jobs for Lead SOAR Engineer

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location:
Vancouver; Calgary; Toronto, Canada
Salary:
146,200 - 197,800 CAD / year
Clio
Expiration Date
Until further notice
Requirements:
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility:
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer:
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years

Employment Type:
Full-time

Lead Security Operations Engineer

We are looking for a Lead Security Operations Engineer to design, implement, and...
Location:
Austin, United States
Salary:
Not provided
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Requirements:
  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python
Job Responsibility:
  • SOAR Platform Management: Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Automation and Optimization: Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Technical Leadership: Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Collaboration and Strategy: Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Documentation and Reporting: Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Change Management and Maintenance: Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends
What we offer:
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events

Employment Type:
Full-time

Technical Engineering Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Location:
Not provided
Salary:
Not provided
ANS Group
Expiration Date
Until further notice
Requirements:
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility:
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms, as well as Google Chronicle SOAR (technical ownership of which sits with the SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer:
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • Extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events

Employment Type:
Full-time

Technical Engineer Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Location:
Not provided
Salary:
Not provided
ANS Group
Expiration Date
Until further notice
Requirements:
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility:
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms, as well as Google Chronicle SOAR (technical ownership of which sits with the SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer:
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • An extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events

Senior AI Security Engineer

The Senior AI Security Engineer is a technical leader and engineering manager wi...
Location:
Budapest, Hungary
Salary:
22,713,830 - 38,083,370 HUF / month
Citi
Expiration Date
Until further notice
Requirements:
  • 8-10+ years of experience in software engineering, with demonstrable experience as a technical lead or engineering manager
  • Python mastery: Deep, hands-on experience building and maintaining production-grade Python applications and services
  • LLM engineering: Practical experience with LLM APIs (OpenAI, Anthropic, Google), prompt engineering, model evaluation, and input/output guardrails
  • Production systems: Track record of deploying and operating AI/ML systems in production at enterprise scale
  • Software engineering fundamentals: Clean code, design patterns, testable architecture, CI/CD, infrastructure-as-code
  • 3+ years leading or managing engineering teams, including performance management, hiring, and career development
  • Track record of delivering complex software products in environments where priorities shift rapidly
  • Experience setting engineering standards and driving quality across a team's output
  • Demonstrated ability to mentor and develop engineers through code review, architectural guidance, and knowledge sharing
  • Proven capability to attract, develop, and retain engineering talent
Job Responsibility:
  • Agentic AI Engineering & Use Case Incubation (40%): Own and evolve the Incubator Environment — the platform and tooling that enables CISO teams to move from idea to working PoC to validated use case
  • Partner with cybersecurity domain teams to understand their challenges, identify high-value AI use cases, and rapidly prototype agentic solutions
  • Design, build, and deploy agentic AI systems that autonomously perform cybersecurity tasks — including threat analysis, security control validation, intelligent triage, and response orchestration
  • Architect multi-agent orchestration systems, defining how AI agents collaborate, delegate, and escalate across security workflows
  • Implement robust agent infrastructure: tool use frameworks, memory and context management, planning/execution loops, guardrails, and human-in-the-loop controls
  • Build and maintain RAG pipelines, knowledge retrieval systems, and dynamic context assembly that underpin agent decision-making
  • Shepherd validated use cases through to production readiness and handoff to the dedicated product support team
  • Drive adoption and effective use of AI development tooling (Devin, GitHub Copilot, Claude Code) to maximize team velocity
  • Make key technical decisions on architecture, technology selection, and build-vs-integrate trade-offs
  • Incubator Platform & Technical Architecture (25%): Design and maintain the Incubator Environment architecture — a scalable, secure platform that enables rapid prototyping and validation of agentic AI use cases
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines

Employment Type:
Full-time

Security Engineering Manager

As our next Security Engineering Manager, you won't just be managing a technical...
Location:
Chicago, United States
Salary:
189,000 - 231,000 USD / year
ActiveCampaign
Expiration Date
Until further notice
Requirements:
  • 7+ years of hands-on experience in security engineering, security operations, or a combined discipline
  • At least 2 years in a team lead or management capacity
  • Deep AWS cloud security expertise, including IAM policy analysis and the hands-on use of cloud-native tools like GuardDuty and CloudTrail
  • Strategic experience with modern security stacks, including EDR platforms, Zero Trust networking architectures, and the selection/implementation of SIEM solutions in cloud-native environments
  • Technical proficiency in Python for tooling, automation, and enrichment workflows
  • A proven ability to communicate technical risk to non-technical stakeholders
  • Familiarity with compliance-adjacent security work, such as mapping controls for SOC 2, GDPR, or HIPAA and managing security awareness programs
Job Responsibility:
  • Lead and mentor a focused team of engineers across Security Operations and Security Engineering
  • Drive threat detection and incident response operations, evolving our 'detection-as-code' practices
  • Act as a strategic partner to Engineering and IT, providing developer-facing guidance to advance our cloud security posture and remediate vulnerabilities
  • Own and mature our Zero Trust architecture, refining policy controls and DLP enforcement
  • Collaborate cross-functionally with Security Platform Engineering to enrich identity telemetry and close visibility gaps across our data pipelines
  • Represent the security organization in high-stakes conversations with executive stakeholders
  • Review and extend automation workflows using Python or SOAR platforms
What we offer:
  • Comprehensive Health & Wellness: Top-tier benefits package that includes a fully-covered High Deductible Health Plan (HDHP), complimentary access to telehealth services, and a free subscription to Calm
  • Growth & Development: Access to LinkedIn Learning, professional development programs, and career growth opportunities
  • Generous Paid Time Off: Open PTO
  • Total Rewards: Generous 401(k) matching with immediate vesting, quarterly perks with commuter and lunch benefits for hub based employees or a stipend for remote workers, and a four-week paid sabbatical with bonus after five years
  • Collaborative Culture

Employment Type:
Full-time

Senior Security Engineer, Detection and Response

As a Senior Security Engineer on the Detection & Response team, you will play a ...
Location:
United States; Canada
Salary:
156,000 - 210,000 USD or CAD / year
1Password
Expiration Date
Until further notice
Requirements:
  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences
Job Responsibility:
  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives
What we offer:
  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program

Employment Type:
Full-time

Security Engineer - Detection Engineering, Surface Coverage

Meta Security is looking for a Security Engineer with experience in threat model...
Location:
Bellevue, United States
Salary:
122,000 - 181,000 USD / year
Meta
Expiration Date
Until further notice
Requirements:
  • 2+ years of experience in Detection and Response Engineering or similar Security Engineering role
  • Bachelor's degree or equivalent experience in Cyber Security
  • Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms
  • Experience designing systems used for responding to both external and insider threats
  • Experience analyzing network and host-based security events
  • Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols
  • Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures
Job Responsibility:
  • Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents
  • Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls
  • Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
  • Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
  • Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate
  • Support security incident response in a cross-functional environment and drive incident resolution
  • Design and implement attack testing automation to validate detection coverage
  • Build logging pipelines using our custom datasets and infrastructure
What we offer:
  • Bonus
  • Equity
  • Benefits