Note: The job is a remote job and is open to candidates in USA. Cyera is a leading data security platform focused on reinventing data security for businesses. The Security Engineer role involves building and improving security workflows and operations within a modern SOC environment, emphasizing automation and cloud security.
Responsibilities
- Build, maintain, and improve security workflows, integrations, detection processes, and operational tooling within an agentic SOC
- Work with automation, AI-assisted workflows, and agent-based capabilities that support alert triage, investigation, enrichment, and response
- Help design, configure, maintain, and troubleshoot log ingestion flows into the SIEM from AWS, applications, infrastructure, endpoint tools, and security platforms
- Create, tune, and maintain detection rules, alert logic, dashboards, playbooks, and investigation workflows
- Develop Python scripts and automations for alert enrichment, data processing, reporting, workflow improvement, and security operations support
- Support cloud security logging, monitoring, IAM reviews, and cloud detection use cases
- Review, analyze, and correlate security alerts and logs to identify suspicious activity and support investigations
- Assist with security event investigations, escalation, containment, remediation, and post-incident improvements
- Help improve SOC processes, playbooks, detection coverage, documentation, and response workflows
- Partner with security, cloud, IT, and engineering teams to improve visibility, reduce risk, and strengthen security operations
Skills
- 2-3 years of experience in cybersecurity, SOC operations, security engineering, cloud security, detection engineering, or incident response
- Working knowledge of AWS services, cloud security fundamentals, logging, monitoring, IAM, and basic cloud architecture
- AWS entry-level certification required at minimum, such as AWS Certified Cloud Practitioner. AWS Solutions Architect - Associate or AWS Security Specialty is a plus
- Hands-on proficiency with Python for scripting, automation, data processing, security tooling, or workflow development
- Experience working with SIEM platforms, including log ingestion, parsing, alerting, dashboards, and detection logic
- Experience building, maintaining, or troubleshooting log flows from applications, infrastructure, AWS services, endpoint tools, or security platforms into a SIEM
- Strong understanding of SOC workflows, alert triage, investigation, escalation, and incident response processes
- Ability to help develop, tune, and improve detections based on logs, threat behavior, and operational needs
- Familiarity with agentic concepts, agentic frameworks, AI-assisted workflows, autonomous or semi-autonomous agents, and practical security operations use cases
- Hands-on exposure to LLMs, AI agents, agentic workflows, or AI-assisted security operations
- Experience with Sigma, SPL, KQL, SQL, YARA, or similar detection/query languages
- Familiarity with Terraform, CloudFormation, CDK, or similar tools
Benefits
- Ability to work remotely, with office setup reimbursement
- Unlimited PTO
- Paid holidays and sick time
- Health, vision, and dental insurance
- Life, short and long-term disability insurance
Company Overview
Company H1B Sponsorship