Security Engineer

Cyera•St. Louis, MO

2d•Remote

About The Position

Join our team as a Security Engineer working within an agentic SOC environment. This role is designed for someone who is ready to grow beyond traditional analyst responsibilities and move deeper into security engineering, automation, cloud security, detection engineering, and AI-assisted security operations. You will help build, operate, and improve a modern SOC that uses automation, agentic workflows, AI-assisted investigation, and security engineering practices to improve detection, triage, response, and overall security visibility. This is a hands-on role for someone who enjoys solving technical problems, improving systems, and building security capabilities rather than only monitoring alerts. The ideal candidate has 2–3 years of cybersecurity experience, a strong SOC foundation, hands-on AWS knowledge, Python proficiency, and experience working with SIEM data and log pipelines. We are looking for someone motivated, curious, and eager to grow into a stronger security engineer within a modern, engineering-driven SOC model.

Requirements

2–3 years of experience in cybersecurity, SOC operations, security engineering, cloud security, detection engineering, or incident response.
Working knowledge of AWS services, cloud security fundamentals, logging, monitoring, IAM, and basic cloud architecture.
AWS entry-level certification required at minimum, such as AWS Certified Cloud Practitioner. AWS Solutions Architect – Associate or AWS Security Specialty is a plus.
Hands-on proficiency with Python for scripting, automation, data processing, security tooling, or workflow development.
Experience working with SIEM platforms, including log ingestion, parsing, alerting, dashboards, and detection logic.
Experience building, maintaining, or troubleshooting log flows from applications, infrastructure, AWS services, endpoint tools, or security platforms into a SIEM.
Strong understanding of SOC workflows, alert triage, investigation, escalation, and incident response processes.
Ability to help develop, tune, and improve detections based on logs, threat behavior, and operational needs.
Familiarity with agentic concepts, agentic frameworks, AI-assisted workflows, autonomous or semi-autonomous agents, and practical security operations use cases.

Nice To Haves

Hands-on exposure to LLMs, AI agents, agentic workflows, or AI-assisted security operations.
Experience with Sigma, SPL, KQL, SQL, YARA, or similar detection/query languages.
Familiarity with Terraform, CloudFormation, CDK, or similar tools.

Responsibilities

Build, maintain, and improve security workflows, integrations, detection processes, and operational tooling within an agentic SOC.
Work with automation, AI-assisted workflows, and agent-based capabilities that support alert triage, investigation, enrichment, and response.
Help design, configure, maintain, and troubleshoot log ingestion flows into the SIEM from AWS, applications, infrastructure, endpoint tools, and security platforms.
Create, tune, and maintain detection rules, alert logic, dashboards, playbooks, and investigation workflows.
Develop Python scripts and automations for alert enrichment, data processing, reporting, workflow improvement, and security operations support.
Support cloud security logging, monitoring, IAM reviews, and cloud detection use cases.
Review, analyze, and correlate security alerts and logs to identify suspicious activity and support investigations.
Assist with security event investigations, escalation, containment, remediation, and post-incident improvements.
Help improve SOC processes, playbooks, detection coverage, documentation, and response workflows.
Partner with security, cloud, IT, and engineering teams to improve visibility, reduce risk, and strengthen security operations.