MDR Security Engineer

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an MDR Security Engineer based in United States.

This role sits at the core of a high-scale Managed Detection and Response (MDR) operation, where automation directly shapes the speed and quality of global incident response. You will design and operate the automation layer that powers 24/7 security monitoring, investigation, and response workflows. Acting as a bridge between security operations and engineering, you will transform complex SOC processes into scalable, reliable systems. Your work will reduce manual analyst effort while improving detection accuracy and response consistency. In a fast-paced, data-driven environment, you will help elevate operational maturity across global security operations. This is a hands-on engineering role with direct impact on real-time threat mitigation at scale.

• Design, develop, and maintain SOAR playbooks, workflows, and integrations that support end-to-end MDR operations, ensuring scalability and reliability in production environments.
• Build and operate automation systems for alert triage, enrichment, investigation, and response across diverse security tools and platforms.
• Identify high-impact SOC processes and drive automation strategies that improve efficiency, reduce workload, and enhance detection and response performance.
• Develop and maintain integrations across SIEM, EDR/XDR, IAM, cloud, and ticketing systems using APIs, scripting, and workflow orchestration tools.
• Collaborate with SOC analysts, incident responders, and engineering teams to convert manual procedures into automated, repeatable workflows.
• Improve incident response effectiveness by automating enrichment, investigation steps, and containment actions to increase speed and consistency.
• Contribute to post-incident reviews and RCA processes by delivering tooling and automation that improves investigative accuracy and efficiency.
• Evaluate and implement emerging automation capabilities, including AI-assisted workflows and intelligent decisioning systems.

Requirements

• 4+ years of experience in Security Operations, MDR, Incident Response, or Security Engineering roles.
• 2–3+ years of hands-on experience working with SOAR platforms and security automation in production environments.
• Strong understanding of SOC workflows, alert triage, escalation processes, and incident response methodologies.
• Experience with enterprise security tools such as SIEM, SOAR, EDR/XDR, and identity management systems (e.g., Active Directory).
• Solid scripting and development skills in Python, PowerShell, or Bash, with experience building APIs and system integrations.
• Familiarity with CI/CD pipelines, Git-based version control, and deploying automation at scale.
• Strong analytical and problem-solving abilities with a focus on translating complex security workflows into automated solutions.
• Excellent communication and cross-functional collaboration skills across engineering and security operations teams.
• Bonus: experience with AI-driven automation, large-scale orchestration, or threat hunting/detection engineering.

Benefits

• Competitive compensation aligned with experience and market benchmarks
• Flexible working arrangements, including remote or hybrid options depending on location
• Health, dental, and vision insurance coverage (where applicable)
• Opportunities for professional development and continuous learning in advanced security technologies
• Exposure to large-scale MDR operations and cutting-edge security automation initiatives
• Collaborative, high-impact environment focused on innovation and operational excellence