
Information Security Engineer, Senior

Job in Plano, Collin County, Texas, 75086, USA
Listing for: TCC Toyota Motor Credit Corporation Company
Full Time position
Listed on 2026-06-03
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below

Senior Cyber Security Engineer (Plano, TX)
Responsibilities

  • SIEM Engineering & Platform Health:
    • Lead the design, configuration, and ongoing maintenance of complex SIEM environments, including onboarding and managing diverse data sources, ensuring proper log parsing, normalization, and enrichment.
    • Proactively monitor platform health, troubleshoot ingestion failures, and optimize storage and performance to maintain operational excellence.
  • SOAR Development & Automation:
    • Design, build, and maintain SOAR playbooks and automated workflows that streamline alert triage, enrichment, and response actions.
    • Continuously identify opportunities to reduce manual effort and accelerate mean time to detect (MTTD) and mean time to respond (MTTR) through intelligent automation.
  • Agent Deployment & Endpoint Telemetry:
    • Lead the deployment, configuration, and lifecycle management of security agents across on-prem, cloud, and hybrid endpoint environments.
    • Ensure consistent agent coverage, policy enforcement, and telemetry collection to maximize detection visibility across the enterprise.
  • Detection Engineering & Data Source Management:
    • Develop and tune detection rules, correlation logic, and alerting thresholds within the SIEM to improve signal‑to‑noise ratio and detection accuracy.
    • Partner with threat intelligence and SOC teams to translate emerging threats into actionable detection content.
    • Manage the full lifecycle of data source integrations, including scoping, onboarding, validation, and ongoing health monitoring.
  • Scripting & Automation Development:
    • Leverage scripting languages such as Python and PowerShell to build custom tooling, automate repetitive engineering tasks, develop API integrations, and enhance platform capabilities beyond out‑of‑the‑box functionality.
  • Process Development & Standardization:
    • Assist in the development and maintenance of standard operating procedures (SOPs), engineering runbooks, and documentation that streamline data source onboarding, platform maintenance, and incident support workflows.
    • Continuously refine processes to improve efficiency and consistency.
Qualifications
  • 3-5 years of experience in cyber security engineering, with hands‑on expertise in SIEM administration and engineering, SOAR platform development, log management, data source onboarding, and security agent deployment and lifecycle management.
  • Subject matter expertise in one or more SIEM/SOAR platforms (e.g., Splunk, Microsoft Sentinel, Chronicle, Elastic, Palo Alto XSIAM/XSOAR, Phantom, Swimlane).
  • Strong understanding of log source types, parsing methodologies, data normalization techniques, and common log formats (e.g., Syslog, CEF, JSON, XML, Windows Event Logs).
  • Proficiency in scripting languages, particularly Python and PowerShell, with demonstrated ability to build automation, custom integrations, and engineering tooling.
  • Excellent communication skills with the ability to collaborate with and influence stakeholders at all levels, including SOC analysts, infrastructure teams, and leadership.
  • Additional Bonuses:
    • Possessing a bachelor’s degree in a relevant field (e.g., Cybersecurity, Computer Science, Engineering, Information Technology) or equivalent work experience.
    • Experience in a regulated industry (e.g., finance, healthcare, government).
    • Proficiency in additional query and scripting languages (e.g., CQL, SQL, KQL, SPL, EQL, Yara, Bash).
    • Experience with security agent platforms such as CrowdStrike Falcon or Halcyon.
    • Proficiency in AWS and Azure cloud environments, with a strong understanding of cloud‑native logging, data flows, and access management.
    • Experience building and maintaining API‑based integrations between security tools and platforms.
    • Familiarity with CI/CD pipelines and infrastructure‑as‑code practices applied to security tooling.
    • AWS certifications (Security – Specialty, Solutions Architect – Associate/Professional, SysOps Administrator – Associate).
    • Azure certifications (Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), Azure Administrator Associate (AZ-104)).
    • Cribl Certified Observability Engineer (CCOE), Cribl Certified Admin.
    • CrowdStrike certifications (Falcon Administrator (CCFA),…
Position Requirements
10+ Years work experience