Key Facts

Remote From:

United States

Category: Security Engineer

Full time

Mid-level (2-5 years)

English

Hard Skills

Operations Security Incident Response XMD Active Directory Python (Programming Language) Windows PowerShell Bash (Scripting Language) Scripting CI/CD Intelligent Automation +1 more

Other Skills

•
Analytical Thinking
•
Problem Solving
•
Communication
•
Collaboration

Roles & Responsibilities

4+ years of experience in Security Operations, MDR, Incident Response, or Security Engineering
2–3+ years of hands-on experience with SOAR platforms and security automation
Strong scripting/development skills (Python, PowerShell, Bash) and experience building APIs and integrations
Excellent communication and collaboration skills across engineering and operations teams

Requirements:

Upkeep the design, development, and lifecycle of SOAR playbooks, workflows, and integrations across the MDR platform
Build and operate production-grade automation systems supporting alert triage, enrichment, investigation, and response
Partner with MDR analysts, IR, threat hunters, and engineering teams to translate operational workflows into scalable automation
Define and own automation KPIs, including: Automation coverage, MTTD/MTTR improvement, and False positive reduction

Varonis

About Varonis

Varonis is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data: sensitive files and emails; confidential customer, patient, and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects cyber threats from both internal and external actors by analyzing data, account activity, and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. Varonis products address additional important use cases including data protection, data governance, Zero Trust, compliance, data privacy, classification, and threat detection and response. Varonis started operations in 2005 and has customers spanning leading firms in the financial services, public, healthcare, industrial, insurance, energy and utilities, technology, consumer and retail, media and entertainment, and education sectors.

Company type: XLarge

Founded: 2018

Company size: 1001 - 5000

Website LinkedIn See all jobs →

Job description

Description

Job Title: MDR Security Engineer

Position Overview

Varonis MDR delivers 24x7x365 managed detection and response services, protecting customer data through advanced detection, investigation, and response at scale.

We are seeking an MDR Security Engineer to own and scale the automation layer that powers our global MDR operations. This role is responsible for building and operating production-grade automation systems that reduce manual workload, improve detection quality, and enable consistent, high-quality incident response.

The ideal candidate is a hands-on engineer with strong experience in SOAR platforms, security operations, and automation design, capable of driving measurable improvements in efficiency, reliability, and response outcomes across a high-volume SOC environment.

Responsibilities

Upkeep the design, development, and lifecycle of SOAR playbooks, workflows, and integrations across the MDR platform
Build and operate production-grade automation systems supporting alert triage, enrichment, investigation, and response
Define and drive automation strategy by identifying high-impact, high-volume SOC processes and scaling them through automation
Develop integrations across SIEM, EDR/XDR, identity, cloud, and ticketing systems using APIs and scripting
Partner with MDR analysts, IR, threat hunters, and engineering teams to translate operational workflows into scalable automation
Improve detection and response quality through automation of enrichment, investigation, and containment workflows
Contribute to incident response and RCAs by delivering tooling that improves investigation speed, accuracy, and consistency
Evaluate and implement new automation capabilities, including AI-assisted workflows and data-driven decisioning

Monitoring, Metrics & Reliability Ownership

Define and own automation KPIs, including:
- Automation coverage (% of alerts handled or augmented)
- MTTD / MTTR improvement
- False positive reduction and signal-to-noise improvement
- Analyst time saved and throughput increase
Build and maintain dashboards and reporting to measure automation impact on SOC performance and SLAs
Ensure production reliability and stability of automation systems, including:
- Monitoring workflow success/failure rates and execution latency
- Tracking integration and API health, errors, and retry behavior
- Implementing logging, alerting, and observability across automation pipelines
Continuously optimize workflows based on data, feedback, and operational performance to ensure consistent 24/7 MDR operation

Requirements

4+ years of experience in Security Operations, MDR, Incident Response, or Security Engineering
2–3+ years of hands-on experience with SOAR platforms and security automation
Proven experience owning and operating production-grade automation workflows in a SOC/MDR environment
Strong understanding of SOC operations, alert triage, escalation workflows, and incident response
Experience with enterprise security technologies (SIEM, SOAR, EDR/XDR, IAM/AD)
Strong scripting/development skills (Python, PowerShell, Bash) and experience building APIs and integrations
Experience with CI/CD, version control (Git), and deploying automation at scale
Strong analytical thinking and problem-solving skills with the ability to translate complex workflows into automation
Excellent communication and collaboration skills across engineering and operations teams

Nice to Have

Experience with AI-enhanced automation or large-scale workflow orchestration
Experience in high-volume MDR/SOC environments
Familiarity with threat hunting or detection engineering

What Success Looks Like

Increased automation coverage across MDR workflows
Measurable reduction in analyst workload and response times
Improved consistency and quality of incident response
Stable, reliable automation systems operating at scale

We invite you to check out our Instagram Page to gain further insight into the Varonis culture!

@VaronisLife

Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristic

#LI-remote