Senior Cybersecurity Engineer – Detection Engineer
| Company | Marathon Petroleum |
|---|---|
| Location | San Antonio, TX, USA |
| Salary | Not provided |
| Type | Full-Time |
| Degrees | Bachelor's |
| Experience Level | Senior |
Requirements
- Bachelor’s Degree in Information Technology, related field or equivalent experience.
- 5+ years of relevant experience required
- Hands-on experience with SIEM platforms (e.g., Splunk, Google SecOps, QRadar), detection rule creation, and alert tuning required.
- Experience with scripting (e.g., Python, PowerShell) and security automation/orchestration tools (e.g., SOAR platforms like Google SecOps, Cortex XSOAR, Splunk SOAR, or Swimlane) required.
Responsibilities
- Conducts detailed analyses of changes to cybersecurity solutions and their relationships to internal and external systems to assess business impact and cybersecurity risk; develops, implements, and continuously refines cyber threat detection logic across the corporate SIEM/SOAR platform.
- Leverages cybersecurity assessments and standards, and ensures compliance across security systems.
- Improves the efficiency and effectiveness of security solutions, processes, and controls by building, testing, and maintaining security automation and orchestration workflows that accelerate detection and response across environments.
- Analyzes existing processes and procedures and leads efforts for implementing improvements or remediation.
- Responsible for development and submission of Standard Operating Procedures.
- Analyzes business-impacting events and performs initial investigations. Monitors networks, systems, and applications for signs of potential cybersecurity incidents.
- Investigates and analyzes the nature and scope of cyber incidents. Assists in developing innovative and creative risk mitigation and remediation plans and approaches to ensure regulatory compliance. Collaborates with threat intelligence and hunting teams to operationalize adversary TTPs into actionable detection use cases.
- Leads implementation of global security initiatives, policies, and compliance requirements. Collects and validates all security metrics and any remediation efforts associated with them.
- Manages cybersecurity-related consulting, guidance, and support to customers and stakeholders, and documents detection content, orchestration logic, tuning efforts, and automation workflows for internal knowledge sharing and auditability.
- Translates security principles to assist configuration teams with incorporating security into build and configuration processes.
- Monitors emerging IT/OT and cybersecurity technologies as well as their impact on the security landscape.
Preferred Qualifications
- Professional certification (e.g., Security+, Network+, OSCP, GIAC, CEH) preferred.
- Cybersecurity certifications such as GCDA, GRID, GCIA, GNFA, GCFA or equivalent preferred.
- Familiarity with ICS/OT networks and industrial protocols such as Modbus, DNP3, and OPC preferred.
- Knowledge of threat frameworks including MITRE ATT&CK and Cyber Kill Chain preferred.
- Experience collaborating with cybersecurity, engineering, and operations teams preferred.