CrawlJobs Logo

Lead SOAR Engineer

take2games.com Logo

Take-Two Interactive Software, Inc.

Location Icon

Location:
United States , Las Vegas

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a Lead Security Operations Engineer to design, implement, and lead our Security Orchestration, Automation, and Response (SOAR) platform. In this role, you'll be the technical leader responsible for building and optimizing our security automation capabilities. You will work with a diverse set of technologies, including various security tools, APIs, and cloud services, to streamline our security operations and enhance our incident response efficiency. Your expertise will directly contribute to safeguarding Take-Two and its labels systems, networks, and data.

Job Responsibility:

  • Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends

Requirements:

  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python

Nice to have:

  • Relevant industry certifications such as GCED, GCIH, GMON, CEH, etc. or other certifications from organizations like ISC2 or CompTIA
  • Proficiency in programming and scripting languages common to security such as Python, Go, Bash, or Powershell, Javascript
  • Knowledge of security frameworks including MITRE Att&ck, NIST, etc.
  • Prior experience leading a small team or a project
What we offer:
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, free games & events and stocked pantries

Additional Information:

Job Posted:
December 12, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Take-Two Interactive Software, Inc. - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Lead SOAR Engineer

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location
Location
Canada , Vancouver; Calgary; Toronto
Salary
Salary:
146200.00 - 197800.00 CAD / Year
clio.com Logo
Clio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime
Read More
Arrow Right

Lead Security Operations Engineer

We are looking for a Lead Security Operations Engineer to design, implement, and...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years’ experience as a SOAR Engineer
  • Deep expertise in designing, building, and maintaining automated security workflows and playbooks using a SOAR platform
  • The ability to analyze complex security challenges, find opportunities to automate repetitive manual tasks, and develop data-driven solutions
  • Excellent written and verbal communication skills
  • Hands-on experience with a leading SOAR platform (Palo Alto Networks Cortex XSOAR, Tines or Splunk Enterprise Security) coupled with advanced scripting skills in Python
Job Responsibility
Job Responsibility
  • SOAR Platform Management: Lead the design, development, and maintenance of SOAR playbooks, workflows, and integrations with other security tools
  • Automation and Optimization: Identify and implement automation opportunities to improve the speed and accuracy of security operations and incident response
  • Technical Leadership: Act as a domain expert for SOAR, providing technical guidance, mentorship, and support to the security team
  • Collaboration and Strategy: Partner with other security teams to ensure SOAR capabilities align with the overall security strategy
  • Documentation and Reporting: Create and maintain comprehensive documentation for workflows and integrations, and develop reports to measure program success
  • Change Management and Maintenance: Assist with SOAR tool migrations, document all system changes, and stay ahead of the latest SOAR and automation trends
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime
Read More
Arrow Right

Technical Engineering Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Location
Location
Salary
Salary:
Not provided
ans.co.uk Logo
ANS Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility
Job Responsibility
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms. Google Chronicle SOAR (technical ownership sits with SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer
What we offer
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • Extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events
  • Fulltime
Read More
Arrow Right

Technical Engineer Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Location
Location
Salary
Salary:
Not provided
ans.co.uk Logo
ANS Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility
Job Responsibility
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms. Google Chronicle SOAR (technical ownership sits with SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer
What we offer
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • An extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events
Read More
Arrow Right

Senior Security Engineer, Detection and Response

As a Senior Security Engineer on the Detection & Response team, you will play a ...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives
What we offer
What we offer
  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Fulltime
Read More
Arrow Right

Security Engineer - Detection Engineering, Surface Coverage

Meta Security is looking for a Security Engineer with experience in threat model...
Location
Location
United States , Bellevue
Salary
Salary:
122000.00 - 181000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in Detection and Response Engineering or similar Security Engineering role
  • Bachelor's degree or equivalent experience in Cyber Security
  • Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms
  • Experience designing systems used for responding to both external and insider threats
  • Experience analyzing network and host-based security events
  • Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols
  • Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures
Job Responsibility
Job Responsibility
  • Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents
  • Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls
  • Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
  • Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
  • Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate
  • Support security incident response in a cross-functional environment and drive incident resolution
  • Design and implement attack testing automation to validate detection coverage
  • Build logging pipelines using our custom datasets and infrastructure
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Senior Detection Engineer

As our next Senior Detection Engineer, you won’t just be monitoring dashboards—y...
Location
Location
United States , Chicago
Salary
Salary:
126000.00 - 154000.00 USD / Year
activecampaign.com Logo
ActiveCampaign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in detection engineering, incident response, or security operations within high-growth technology environments
  • Advanced programming proficiency in Python, with a proven ability to build production-quality security automations and custom integrations from scratch
  • Deep expertise in Cloud Security (AWS), including a comprehensive understanding of IAM, VPC, CloudTrail, and Lambda attack vectors
  • Mastery of detection logic in at least two major languages, such as YARA-L, Sigma, KQL, or SPL
  • A track record of building SOAR workflows or equivalent automation platforms that measurably reduce operational overhead at scale
  • Exceptional communication skills, with the ability to distill complex security risks into actionable insights and influence technical decisions across the organization
  • Experience using AI/LLMs as a strategic tool for threat analysis, investigation automation, and increasing the velocity of security work
  • A self-directed, engineering-first mindset, ideally with a background in SRE, DevOps, or platform engineering and a history of contributing to open-source security projects
Job Responsibility
Job Responsibility
  • Design and deploy sophisticated detection logic across our entire technology stack using detection-as-code principles like YARA-L, Sigma, and KQL
  • Build automated response workflows that independently enrich, triage, and remediate security alerts, effectively eliminating manual toil through advanced SOAR principles
  • Investigate complex security signals—such as novel attack patterns or phishing campaigns—that require deep human judgment and strategic intuition
  • Collaborate cross-functionally with DevOps and Security Engineering teams to adapt detection logic to infrastructure changes before security blind spots can emerge
  • Leverage AI and LLMs as force multipliers to accelerate threat hunting, generate new detection hypotheses, and automate repetitive investigative tasks
  • Lead post-incident reviews with engineering partners, transforming security findings into preventative architectural changes that harden our long-term defense
  • Prototype and test emerging detection capabilities and data sources, ensuring we stay ahead of the threat landscape while participating in an on-call rotation to defend our most critical systems
What we offer
What we offer
  • Comprehensive Health & Wellness: Top-tier benefits package that includes a fully-covered High Deductible Health Plan (HDHP), complimentary access to telehealth services, and a free subscription to Calm
  • Growth & Development: Access to LinkedIn Learning, professional development programs, and career growth opportunities in a fast-growing organization
  • Generous Paid Time Off: Recharge and take the time you need to maintain work-life balance with open PTO
  • Total Rewards: Generous 401(k) matching with immediate vesting, quarterly perks with commuter and lunch benefits for hub based employees or a stipend for remote workers, and a four-week paid sabbatical with bonus after five years
  • Collaborative Culture: Work alongside brilliant, passionate colleagues in an environment that values innovation, teamwork, and mutual support
  • Fulltime
Read More
Arrow Right

Senior Security Investigator

The CyberSecurity Incident Response team (CIRT) is at the forefront of protectin...
Location
Location
United States , Seattle; San Francisco; Sunnyvale
Salary
Salary:
180000.00 - 200000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large-scale or high-risk environments.
  • Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
  • Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
  • Hands-on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
  • Ability to lead complex investigations end-to-end and communicate findings effectively to senior leadership.
  • Experience running or contributing to large cross-company security projects.
Job Responsibility
Job Responsibility
  • Lead complex security investigations end-to-end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
  • Own & Build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision-making at global scale.
  • Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
  • Lead major cross-functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat-hunting capabilities.
  • Mentor and develop investigators and analysts, providing technical guidance, reviewing casework, and elevating investigative rigor.
  • Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.
What we offer
What we offer
  • Eligible to participate in Uber's bonus program
  • May be offered an equity award & other types of comp
  • Eligible for various benefits (details at provided link)
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy