Information Security Engineer, I
CA-ON-Mississauga
Zebra Technologies
Req #: 111383
Type: Employee|Employee|Regular Full-time
|
|
|||||||
|
||||||||
Overview: We are seeking a forward-thinking AI Security Operations Engineer to spearhead the integration and creation of advanced AI capabilities within our 24/7 Security Operations Center (SOC). This role is pivotal in transforming our security posture by embedding agentic AI into our core operational functions. You will be responsible for architecting and implementing AI-driven solutions to enhance our threat detection, response, and intelligence analysis, directly impacting our vulnerability management, threat hunting, and incident response processes. Responsibilities: * AI-Enhanced Incident Response: * Design, build, and deploy agentic AI frameworks to accelerate the full incident response lifecycle, from initial detection and triage to containment and eradication. * Develop and refine sophisticated SOAR (Security Orchestration, Automation, and Response) playbooks that leverage AI prompts for dynamic, context-aware decision-making and automated remediation actions. * Integrate AI agents into existing security platforms (SIEM, EDR, XDR) to provide real-time analysis of security events, automated evidence gathering, and recommended response actions for SOC analysts. * AI-Driven Threat Hunting and Intelligence: * Create and manage AI-powered systems to proactively hunt for threats by analyzing vast datasets for anomalous patterns, novel attack techniques, and indicators of compromise (IOCs) that evade traditional detection methods. * Develop AI models and prompts to automate the collection, correlation, and analysis of threat intelligence from multiple sources, providing actionable insights tailored to our threat landscape. * Build AI agents capable of contextualizing threat intelligence, predicting potential attack vectors, and recommending proactive defensive adjustments. * Automated Vulnerability Management: * Implement AI-driven workflows to automate the identification, prioritization, and remediation of vulnerabilities across the enterprise. * Utilize AI to analyze vulnerability data in conjunction with threat intelligence and asset criticality, creating a dynamic, risk-based prioritization model. * Develop SOAR rules and AI prompts to orchestrate mitigation efforts, reducing the mean time to remediate (MTTR). * AI Capability Development and Integration: * Act as the subject matter expert for integrating generative and agentic AI into the SOC's toolset and daily operations. * Collaborate with security analysts to identify and develop custom AI-powered tools and automations that address specific operational challenges and reduce manual effort. * Continuously evaluate and experiment with emerging AI technologies and security platforms to ensure our SOC remains at the cutting edge of security innovation. Qualifications: Minimum Requirements: * Bachelor's Degree required or equivalent experience * 0-2 years of experience * Proven experience in a 24/7 SOC environment with hands-on responsibilities in incident response, threat hunting, or threat intelligence. * Strong practical experience with SOAR platforms (e.g., Palo Alto XSOAR, Splunk SOAR, Microsoft Sentinel) and developing complex automation playbooks. * Demonstrated ability to write and utilize scripts (e.g., Python) for security automation and integration. * Deep understanding of existing security platforms such as SIEM, EDR, and threat intelligence platforms. * Familiarity with the concepts of AI in cybersecurity, including crafting effective prompts for security use cases and understanding the principles of agentic AI workflows. Preferred Requirements: * Hands-on experience integrating AI, particularly large language models (LLMs), into security tools and workflows. * Direct experience with AI-native security platforms like Microsoft Security Copilot. * Knowledge of API integration for connecting disparate security systems and data sources. * A strong understanding of threat actor methodologies (TTPs) and the MITRE ATT&CK framework. * Certifications related to security operations, automation, or cloud security (e.g., GCIH, GCIA, GDAT). * Good verbal and written communication Skills * Ability to understand end user issues * Technical hands-on experience * Able to work independently and excel in a collaborative environment * Ability to trouble shoot * Demonstrated knowledge of applicable IT systems/applications * Ability to develop new systems and tools * Demonstrated analytical skills * Comfortable performing in a fast-paced, high growth, rapidly changing environment * Ability to identify and implement process improvements Zebra is an equal opportunity/affirmative action employer committed to a diverse and inclusive workplace All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability and protected veteran status or any other basis prohibited by law. If you are an individual with a disability and need assistance in applying for a position, please contact us at workplace.accommodations@zebra.com. Know Your Rights: https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf Conozca sus Derechos: https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRightsSp_10_20.pdf We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Zebra is a federal contractor and is committed to an alcohol and drug free workplace. As a result, all U.S. based employees are subject to the Drug and Alcohol Free Workplace Policy and Procedure. To all recruitment agencies: Zebra does not accept agency resumes. Please do not forward resumes to Zebra employees or any other team members. Zebra is not responsible for any fees related to unsolicited resumes and direct engagement with Zebra employees.
Share this job:
