Senior API Engineer (Python)

Senior Security Engineer Boston MA Long Term Contract 5+ years in SOC / SecOps / Incident Response, with at least 2+ years focused on detection engineering. Direct hands on with Google Security Operations (Google SecOps / Chronicle) for:

• Writing and tuning YARA L detection rules.
• Managing log sources and reference lists.
• Running investigations and hunts in SecOps.

Proven Detection as Code implementation:

• Detections stored as code in Git/GitHub (YAML/JSON or similar).
• Use of branches, pull requests, and code review for rule changes.
• CI/CD pipeline to test and deploy rules to Google SecOps (or another SIEM) not just manual uploads.

Strong Python for security engineering:

• Building data parsers and enrichment scripts.
• Automating interactions with Google SecOps / SIEM / SOAR APIs.
• Implementing test harnesses for detections (synthetic logs, unit tests).

Strong SOAR / playbook experience:

• Hands on with Google SecOps SOAR or equivalent (Cortex XSOAR, Splunk SOAR, etc.).
• Built playbooks for phishing, suspicious logins, brute force, WAF events, including enrichment and containment steps.

Solid L2/L3 SOC capability:

• Has led investigations for account compromise, ransomware, and web app attacks.
• Comfortable owning incidents end to end and communicating updates to stakeholders.

Strong written and verbal communication in English, suitable for US customer calls and incident bridges. For applications and inquiries, contact: [email protected] Apply tot his job Apply To this Job