Information Security Engineer, I

AI-Enhanced Incident Response:

Design, build, and deploy agentic AI frameworks to accelerate the full incident response lifecycle, from initial detection and triage to containment and eradication. Develop and refine sophisticated SOAR (Security Orchestration, Automation, and Response) playbooks that leverage AI prompts for dynamic, context-aware decision-making and automated remediation actions. Integrate AI agents into existing security platforms (SIEM, EDR, XDR) to provide real-time analysis of security events, automated evidence gathering, and recommended response actions for SOC analysts. Develop AI models and prompts to automate the collection, correlation, and analysis of threat intelligence from multiple sources, providing actionable insights tailored to our threat landscape. Build AI agents capable of contextualizing threat intelligence, predicting potential attack vectors, and recommending proactive defensive adjustments. Implement AI-driven workflows to automate the identification, prioritization, and remediation of vulnerabilities across the enterprise. Develop SOAR rules and AI prompts to orchestrate mitigation efforts, reducing the mean time to remediate (MTTR). Collaborate with security analysts to identify and develop custom AI-powered tools and automations that address specific operational challenges and reduce manual effort. Bachelor's Degree required or equivalent experience 0-2 years of experience Proven experience in a 24/7 SOC environment with hands-on responsibilities in incident response, threat hunting, or threat intelligence. Strong practical experience with SOAR platforms (e.g., Palo Alto XSOAR, Splunk SOAR, Microsoft Sentinel) and developing complex automation playbooks. Demonstrated ability to write and utilize scripts (e.g., Python) for security automation and integration. Deep understanding of existing security platforms such as SIEM, EDR, and threat intelligence platforms. Familiarity with the concepts of AI in cybersecurity, including crafting effective prompts for security use cases and understanding the principles of agentic AI workflows. Hands-on experience integrating AI, particularly large language models (LLMs), into security tools and workflows. Direct experience with AI-native security platforms like Microsoft Security Copilot. Knowledge of API integration for connecting disparate security systems and data sources. A strong understanding of threat actor methodologies (TTPs) and the

MITRE ATT&CK

framework. Certifications related to security operations, automation, or cloud security (e.g., GCIH, GCIA, GDAT). Good verbal and written communication Skills Ability to understand end user issues Technical hands-on experience Able to work independently and excel in a collaborative environment Ability to trouble shoot Demonstrated knowledge of applicable IT systems/applications Ability to develop new systems and tools Demonstrated analytical skills Comfortable performing in a fast-paced, high growth, rapidly changing environment Ability to identify and implement process improvements