Sr Security Engineer, Detection Engineering
Listed on 2025-11-29
Sr Security Engineer, Detection Engineering in Miami, FL at Lennar
We are Lennar
Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates by building quality homes and providing exceptional customer service, giving back to the communities in which we work and live, and fostering a culture of opportunity and growth for our Associates throughout their career. Lennar has been recognized as a Fortune 500® company and consistently ranked among the top homebuilders in the United States.
Join a Company that Empowers you to Build your Future
The Sr Security Engineer, Detection Engineering leads detection engineering, automation, and monitoring and participates in incident response activities to protect the organization’s IT infrastructure. This role is responsible for designing, implementing, optimizing, and automating security operations processes, leveraging advanced technologies such as Microsoft Sentinel, Purview, Defender, and Palo Alto Cortex XDR. The Sr. Cybersecurity Engineer collaborates with SOC analysts, MDR partners, and cross‑functional teams to ensure rapid detection and effective response to security threats.
A career with purpose.
A career built on making dreams come true.
A career built on building zero defect homes, cost management, and adherence to schedules.
Your Responsibilities on the Team
Systems Security:
- Design, develop, and continuously optimize detection rules, analytics, and use cases for SIEM and XDR platforms (e.g., Microsoft Sentinel, Palo Alto Cortex XDR) to enhance threat detection and minimize false positives.
- Integrate threat intelligence feeds and behavioral analytics to improve detection capabilities and proactively identify emerging threats.
Automation Engineering:
- Architect and implement automation workflows using SOAR platforms and native integrations to streamline incident response, alert triage, and remediation processes.
- Develop playbooks and automated response actions to accelerate containment and recovery during security incidents.
- Participate in the full incident response lifecycle, including detection, containment, eradication, recovery, and post‑incident analysis for complex security events.
- Conduct forensic investigations, root cause analysis, and collaborate with internal and external stakeholders to ensure effective resolution and documentation of incidents.
- Maintain readiness for rapid response to critical security events, including participation in on‑call rotations and after‑hours escalations.
Security Operations:
- Monitor and analyze security events in real‑time across diverse environments (cloud, on‑premises, hybrid) using SIEM, XDR, and log management platforms.
- Conduct investigations and escalation of security incidents, collaborating with MDR partners and SOC analysts to ensure timely and effective response.
- Tune and optimize SIEM rules, alerts, dashboards, and reporting mechanisms for improved visibility and operational efficiency.
- Demonstrate hands‑on experience with Microsoft security technologies (Sentinel, Purview, Defender for Cloud, Defender for Endpoint) and Palo Alto Cortex XDR.
- Integrate and manage security controls across cloud and endpoint environments, ensuring alignment with organizational policies and regulatory requirements.
Metrics & Reporting:
- Develop and maintain SOC metrics, dashboards, and executive‑level reporting on incident trends, detection effectiveness, automation outcomes, and overall SOC performance.
- Provide actionable insights and recommendations to leadership based on analysis of SOC data and security operations outcomes.
- Provide mentorship, guidance, and training to SOC analysts and junior team members, fostering a culture of continuous improvement and knowledge sharing.
- Work closely with engineering, IT, business units, and MDR partners to align security operations with organizational goals and drive cross‑functional initiatives.
- Contribute to the development and enhancement of SOC processes, playbooks, and best practices.
- Stay current with industry trends, emerging threats,…