Senior Cyber Security Engineer (DevSecOps)
Indexed description
The Cyber Security Engineer (DevSecOps) builds and maintains the automation, pipelines, and integrations that keep ECI’s flagship security platform running. This is a hands-on, implementation-focused role: you will write production Python, ship CI/CD and infrastructure-as-code, and build and operate detection and response workflows in the Elastic Stack (Elasticsearch, Logstash/Beats, Kibana). It suits an engineer with a strong software-development foundation who wants to own the build-and-deploy side of security operations and turn manual work into reliable, automated systems. You will report into and implement the standards set by the Cybersecurity Architect.
Position Responsibilities
- Build and maintain Python automation, services, and integrations that improve detection, response, and customer experience across the security platform
- Develop and operate CI/CD pipelines and infrastructure-as-code (Terraform, Ansible) to deploy and maintain security tooling
- Build and tune detection and response content in the Elastic Stack: data ingestion, parsing and normalization, detection rules, and Kibana dashboards
- Integrate security tools and data sources using REST APIs, webhooks, and SOAR playbooks
- Containerize and deploy workloads with Docker and Kubernetes following secure-deployment practices
- Write tests, documentation, and runbooks for the workflows and scripts you ship
- Work alongside the Cybersecurity Architect to implement the platform’s reference architecture and detection standards
- Degree in Computer Science or Cyber Security, or equivalent hands-on experience
- 2+ years building software in a professional setting, with strong Python development (services, automation, and APIs, not only light scripting)
- Hands-on experience with the Elastic Stack (Elasticsearch, Logstash/Beats, Kibana) for log ingestion, detection, or analytics
- Practical CI/CD experience, including automated testing, build pipelines, and secure deployment workflows
- Working knowledge of infrastructure-as-code (Terraform, Ansible, or Salt) and configuration management
- Proficiency with Git/GitHub in a collaborative engineering workflow
- Experience with REST APIs, webhooks, and integrations in automation workflows
- Familiarity with core security concepts: logging, alerting, threat detection, and incident response
- Working knowledge of Linux and Windows and their security implications
- Strong problem-solving mindset and clear written and verbal communication
- Experience automating detection and response workflows in a SIEM/XDR (Elastic preferred; Splunk or Microsoft Sentinel a plus)
- Working knowledge of the MITRE ATT&CK framework and its use in detection engineering
- Exposure to SOAR, MISP, or Sigma and detection-as-code practices
- Foundational cloud security on AWS or Azure (IAM, shared responsibility model, basic compliance)
- Exposure to container security and Kubernetes hardening
- Interest in applying AI tooling to security automation
Love Your Job, Share Your Technology Passion, Create Your Future Here!
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search