Cybersecurity Software Engineer (SIEM & Automation)

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience).
• 3–5 years of professional software development experience.
• Proficiency in one or more programming languages: Python, Java, JavaScript, or C#.
• Experience developing REST APIs and integrating enterprise platforms.
• Hands-on scripting experience (Python, Bash, PowerShell).
• Experience deploying and administering Linux systems.
• Familiarity with SIEM platforms (Splunk, Sentinel, or equivalent).
• Knowledge of cybersecurity fundamentals and secure coding practices.

Nice To Haves

• 5–8 years of professional software development experience.
• Advanced experience building security automation and platform integrations.
• Hands-on experience with penetration testing tools and Kali Linux environments.
• Experience developing security data pipelines and SIEM integrations.
• Experience with containerization and virtualization (Docker, VMware, cloud-hosted labs).
• Ability to design scalable and resilient security tool architectures.
• Experience working in regulated or government environments preferred.
• OSCP, CEH, or equivalent penetration testing certification.
• Splunk Certified Developer or SIEM integration experience.
• Security+, CISSP, or equivalent security certification.
• Linux administration certification.

Responsibilities

• Security Engineering & Development Design and develop secure software components, APIs, and microservices to support penetration testing workflows and security automation.
• Build custom integrations between penetration testing platforms, vulnerability scanning tools, and enterprise SIEM platforms.
• Develop data ingestion pipelines to normalize and forward security telemetry into Splunk and other SIEM platforms.
• Create automation scripts to orchestrate security testing, evidence collection, and reporting processes.
• Support integration of security testing results into governance, risk, and compliance (GRC) platforms.
• Penetration Testing Enablement Build and maintain Kali Linux-based penetration testing infrastructure, including virtualized and cloud-hosted environments.
• Configure and manage penetration testing toolchains, frameworks, and supporting services.
• Develop custom exploit scripts, test harnesses, and proof-of-concept code to validate security findings.
• Support red team and application penetration testing engagements through automation and tool development.
• SIEM & Security Operations Integration Develop APIs and connectors to integrate security tools with enterprise SIEM platforms.
• Implement log parsing, enrichment, and normalization logic to improve detection fidelity.
• Automate alert enrichment, correlation, and reporting workflows.
• Collaborate with CSOC teams to align development efforts with detection and monitoring requirements.
• Scripting & Automation Develop scripts using Python, PowerShell, Bash, or similar languages to automate security operations and testing processes.
• Implement CI/CD pipelines for security tooling and integration code.
• Maintain version control repositories and documentation for developed solutions.
• Security & Compliance Alignment Ensure developed solutions comply with HHSC security standards, DIR security control requirements, and NIST-based frameworks.
• Participate in architecture reviews, risk assessments, and technical design sessions.
• Produce technical documentation, configuration guides, and operational runbooks.