Sr Secutiy Engineer, Detection Engineering

Lennar Corp.,•Irving, TX

49d

About The Position

Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates by building quality homes and providing exceptional customer service, giving back to the communities in which we work and live in, and fostering a culture of opportunity and growth for our Associates throughout their career. Lennar has been recognized as a Fortune 500 company and consistently ranked among the top homebuilders in the United States. Join a Company that Empowers you to Build your Future The Sr Security Engineer, Detection Engineering leads detection engineering, automation, and monitoring and participates in incident response activities to protect the organization's IT infrastructure. This role is responsible for designing, implementing, optimizing, and automating security operations processes, leveraging advanced technologies such as Microsoft Sentinel, Purview, Defender, and Palo Alto Cortex XDR. The Sr. Cybersecurity Engineer collaborates with SOC analysts, MDR partners, and cross-functional teams to ensure rapid detection and effective response to security threats. A career with purpose. A career built on making dreams come true. A career built on building zero defect homes, cost management, and adherence to schedules.

Requirements

Bachelor's degree required in Computer Science, Cybersecurity, Engineering, or related field. Master's degree preferred.
5+ years of relevant work experience in security operations, with a focus on SOC environments, incident detection/response, and threat hunting.
5+ years of experience implementing and managing SIEM and XDR technologies in a mid to large-scale enterprise environment, including Microsoft Sentinel and Palo Alto Cortex XDR.
5+ years of experience with detection engineering, including developing and tuning detection rules, analytics, and use cases for SIEM and XDR platforms.
3+ years of experience with automation engineering, designing and implementing automated workflows for incident response and alert triage using SOAR platforms or native integrations.
Strong knowledge and experience with Microsoft Security Solutions, such as Microsoft Purview, Defender for Cloud, and Defender for Endpoint, and Palo Alto Cortex XDR.
Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), CompTIA Cybersecurity Analyst+ (CySA+), Microsoft Security Operations Center Analyst (SC-200), AWS Certified Security-Specialty, or similar advanced security certifications preferred.

Nice To Haves

Expert-level proficiency in detection engineering, including the creation, tuning, and optimization of detection rules, analytics, and use cases for SIEM and XDR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XDR).
Advanced skills in automation engineering, with hands-on experience designing and implementing automated workflows for incident response, alert triage, and remediation using SOAR platforms and native integrations.
Deep understanding of incident response methodologies, forensic investigation, malware analysis, and root cause analysis for complex security events.
Strong knowledge of Microsoft security technologies, including Sentinel, Purview, Defender for Cloud, and Defender for Endpoint, as well as Palo Alto Cortex XDR for threat detection, investigation, and response.
Experience integrating and operationalizing threat intelligence feeds, behavioral analytics, and data sources to enhance detection and response capabilities.
Proficiency in cloud security, endpoint protection, network security principles, and current threat landscape, with the ability to secure hybrid and multi-cloud environments.
Familiarity with vulnerability management tools (e.g., Rapid7, Nessus, Qualys), and experience conducting network-based vulnerability assessments.
Skilled in developing and maintaining SOC metrics, dashboards, and executive-level reporting on incident trends, detection effectiveness, and automation outcomes.
Maintain and foster productive communication channels with security solution partners, vendors, service providers, and consulting entities.
Ability to facilitate productive meetings and work successfully in a team-oriented environment.
Commitment to staying current with industry trends and pursuing relevant certifications and training.

Responsibilities

Design, develop, and continuously optimize detection rules, analytics, and use cases for SIEM and XDR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XDR) to enhance threat detection and minimize false positives.
Integrate threat intelligence feeds and behavioral analytics to improve detection capabilities and proactively identify emerging threats.
Architect and implement automation workflows using SOAR platforms and native integrations to streamline incident response, alert triage, and remediation processes.
Develop playbooks and automated response actions to accelerate containment and recovery during security incidents.
Participate in the full incident response lifecycle, including detection, containment, eradication, recovery, and post-incident analysis for complex security events.
Conduct forensic investigations, root cause analysis, and collaborate with internal and external stakeholders to ensure effective resolution and documentation of incidents.
Maintain readiness for rapid response to critical security events, including participation in on-call rotations and after-hours escalations.
Monitor and analyze security events in real-time across diverse environments (cloud, on-premises, hybrid) using SIEM, XDR, and log management platforms.
Conduct investigations, and escalation of security incidents, collaborating with MDR partners and SOC analysts to ensure timely and effective response.
Tune and optimize SIEM rules, alerts, dashboards, and reporting mechanisms for improved visibility and operational efficiency.
Demonstrate hands-on experience with Microsoft security technologies (Sentinel, Purview, Defender for Cloud, Defender for Endpoint) and Palo Alto Cortex XDR.
Integrate and manage security controls across cloud and endpoint environments, ensuring alignment with organizational policies and regulatory requirements.
Develop and maintain SOC metrics, dashboards, and executive-level reporting on incident trends, detection effectiveness, automation outcomes, and overall SOC performance.
Provide actionable insights and recommendations to leadership based on analysis of SOC data and security operations outcomes.
Provide mentorship, guidance, and training to SOC analysts and junior team members, fostering a culture of continuous improvement and knowledge sharing.
Work closely with engineering, IT, business units, and MDR partners to align security operations with organizational goals and drive cross-functional initiatives.
Contribute to the development and enhancement of SOC processes, playbooks, and best practices.
Stay current with industry trends, emerging threats, and new technologies to ensure the SOC remains effective and resilient.

Benefits

robust health insurance plans, including Medical, Dental, and Vision coverage
401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%
Paid Parental Leave
Associate Assistance Plan
Education Assistance Program
up to $30,000 in Adoption Assistance
up to three weeks of vacation annually, alongside generous Holiday, Sick Leave, and Personal Day policies
New Hire Referral Bonus Program
significant Home Purchase Discounts
Everyone's Included Day