
Senior Security Engineer – SIEM, Automation, Elastic Security
Red Lobster
full-time
Location Type: Office
Location: Orlando • Florida • United States
About the role
- Serve as a senior member of the Cybersecurity Engineering team responsible for designing, implementing, and optimizing enterprise security monitoring and automation capabilities.
- Lead the architecture and operational maturity of the organization's SIEM platform, with a focus on Elasticsearch and security automation, to improve threat detection, incident response, and visibility across enterprise infrastructure.
- Partner with product, platform, DevOps, and security teams to integrate security telemetry, automate workflows, and strengthen the organization's overall cybersecurity posture.
- Design, implement, and maintain enterprise SIEM infrastructure, including Elasticsearch clusters, log pipelines, indexing strategies, and data ingestion from cloud, network, endpoint, and application sources.
- Develop and maintain SIEM detection content, including correlation rules, dashboards, threat detection use cases, and alerting frameworks to improve security monitoring and incident detection.
- Lead the Elasticsearch roadmap and platform strategy, ensuring scalability, high availability, performance optimization, and alignment with enterprise security initiatives.
- Build security automation workflows and scripts to streamline incident response, threat hunting, log enrichment, and security operations processes.
- Integrate SIEM/SOAR capabilities with security technologies including EDR, threat intelligence platforms, vulnerability scanners, identity systems, and network security tools to create a unified security monitoring ecosystem.
- Tune and optimize detection logic and log pipelines to reduce false positives and improve signal-to-noise ratio across security monitoring platforms.
- Collaborate with SOC analysts and incident response teams to investigate alerts, conduct forensic analysis, and identify root causes of security incidents.
- Ingest and operationalize threat intelligence feeds to enhance detection capabilities and proactively identify emerging threats.
- Implement monitoring and alerting frameworks to ensure health, performance, and availability of SIEM and Elasticsearch infrastructure.
- Analyze network, system, and application logs to identify security incidents, anomalies, and threat activity trends.
- Partner with cross-functional IT teams to integrate security telemetry from cloud platforms (Azure/AWS), Linux and Windows servers, networking systems, and enterprise applications.
- Develop automation workflows for operational security tasks, including vulnerability management, patch validation, and configuration monitoring.
- Support incident response planning and execution, leveraging SIEM analytics and automation to accelerate investigation and containment.
- Generate security metrics and reporting on incident trends, detection effectiveness, and operational KPIs for leadership and governance reporting.
- Assist with cybersecurity audits, vulnerability assessments, and penetration test remediation efforts.
- Contribute to the development and improvement of security architecture standards, policies, and governance frameworks.
- Evaluate emerging security technologies and recommend improvements to security monitoring, automation, and detection capabilities.
- Provide mentorship and guidance to junior security engineers and analysts while promoting security engineering best practices across teams.
Requirements
- Bachelor’s degree (B.A. or B.S.) in computer science, cybersecurity or a related field from a four-year college or university
- At least 5 years of experience in cybersecurity, especially in a security engineering role
- Three or more years of progressive technology management experience in cross-functional teams
- Strong familiarity with project and program management disciplines, methodologies, and processes
- Familiarity with the functioning of a program management office and governance frameworks
- Hands on experience with cross-functional execution
- Hospitality industry product development experience is a plus
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Strong problem-solving and trouble-shooting skills.
- Deep understanding of current and emerging cybersecurity technologies, how other enterprises are employing them, and how they may be applied to drive digital business.
- Strong customer service orientation in combination with persuasive skills and diplomacy to lead change and guide decisions.
- Highly self-motivated and directed.
- Team oriented and skilled in working within a collaborative environment
- Ability to appropriately prioritize and execute tasks in a fast-paced, service-intensive environment.
- Effective oral and written communication skills, including the ability to explain digital concepts and technologies to business leaders, as well as business concepts to technologists.
- Ability to effectively interact with all levels of management, from individual contributors to the executive team.
- Certified Information Systems Security Professional (CISSP) desired but not required. Additional certifications such as GIAC, CEH, or SIEM platform certifications are beneficial.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SIEM, Elasticsearch, security automation, log pipelines, correlation rules, threat detection, incident response, security monitoring, data ingestion, vulnerability management
Soft Skills
decision-making, problem-solving, customer service orientation, self-motivated, team oriented, effective communication, collaborative, prioritization, troubleshooting, persuasive skills
Certifications
CISSP, GIAC, CEH, SIEM platform certifications