Cybersecurity Software Engineer (SIEM & Automation)

About the position The position requires strong software development expertise combined with hands-on cybersecurity engineering skills, including Kali Linux server deployment, penetration testing toolchain support, SIEM data ingestion, and security automation scripting. Responsibilities • Security Engineering & Development Design and develop secure software components, APIs, and microservices to support penetration testing workflows and security automation. • Build custom integrations between penetration testing platforms, vulnerability scanning tools, and enterprise SIEM platforms. • Develop data ingestion pipelines to normalize and forward security telemetry into Splunk and other SIEM platforms. • Create automation scripts to orchestrate security testing, evidence collection, and reporting processes. • Support integration of security testing results into governance, risk, and compliance (GRC) platforms. • Penetration Testing Enablement Build and maintain Kali Linux-based penetration testing infrastructure, including virtualized and cloud-hosted environments. • Configure and manage penetration testing toolchains, frameworks, and supporting services. • Develop custom exploit scripts, test harnesses, and proof-of-concept code to validate security findings. • Support red team and application penetration testing engagements through automation and tool development. • SIEM & Security Operations Integration Develop APIs and connectors to integrate security tools with enterprise SIEM platforms. • Implement log parsing, enrichment, and normalization logic to improve detection fidelity. • Automate alert enrichment, correlation, and reporting workflows. • Collaborate with CSOC teams to align development efforts with detection and monitoring requirements. • Scripting & Automation Develop scripts using Python, PowerShell, Bash, or similar languages to automate security operations and testing processes. • Implement CI/CD pipelines for security tooling and integration code. • Maintain version control repositories and documentation for developed solutions. • Security & Compliance Alignment Ensure developed solutions comply with HHSC security standards, DIR security control requirements, and NIST-based frameworks. • Participate in architecture reviews, risk assessments, and technical design sessions. • Produce technical documentation, configuration guides, and operational runbooks. Requirements • Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience). • 3–5 years of professional software development experience. • Proficiency in one or more programming languages: Python, Java, JavaScript, or C#. • Experience developing REST APIs and integrating enterprise platforms. • Hands-on scripting experience (Python, Bash, PowerShell). • Experience deploying and administering Linux systems. • Familiarity with SIEM platforms (Splunk, Sentinel, or equivalent). • Knowledge of cybersecurity fundamentals and secure coding practices. Nice-to-haves • 5–8 years of professional software development experience. • Advanced experience building security automation and platform integrations. • Hands-on experience with penetration testing tools and Kali Linux environments. • Experience developing security data pipelines and SIEM integrations. • Experience with containerization and virtualization (Docker, VMware, cloud-hosted labs). • Ability to design scalable and resilient security tool architectures. • Experience working in regulated or government environments preferred. • OSCP, CEH, or equivalent penetration testing certification. • Splunk Certified Developer or SIEM integration experience. • Security+, CISSP, or equivalent security certification. • Linux administration certification. Apply tot his job

Apply tot his job

Apply To this Job