Sr Detection Engineer Dallas or Detroit metro

Auburn Hills, MI, United States

Comerica Incorporated

Comerica Incorporated (NYSE: CMA) is a financial services company headquartered in Dallas, Texas, and strategically aligned by three business segments: The Business Bank, The Retail Bank, and Wealth Management. Comerica focuses on...


Senior Detection Engineer


The Cybersecurity Engineering function is responsible for supporting the design and implementation of Security Architecture patterns into functioning platforms and systems within Comerica. This includes the engineering, deployment, and advanced support of critical control systems, security platforms, and associated workstreams or processes. The Cyber Engineering teams collaborate closely with peers within the Cyber Defense Organization and Technology teams to enable and support Comerica's systems.

The Senior Detection Engineer is responsible for creating SOAR playbooks, workflows and integrations to automate tasks like threat detection, incident response and security operations, and for maintaining SOAR playbooks by creating detailed step-by-step instructions for security analysts to follow during incidents.
The role collaborates closely with the SOC, Threat Detection and Intel teams to understand operational requirements and tailor automation solutions, and provides technical expertise and support for SOAR-related problems and configurations.

The role also assists clients in fully optimizing SIEM system capabilities and the audit and logging features of event log sources. This includes creating technically detailed reports on the status of the SIEM, with metrics on items such as the number of logging sources, and working alongside the SOC, Threat Detection and Threat Intel teams to configure, maintain, tune and enhance the SIEM platform. The engineer is responsible for investigating defects and delivering their resolutions through engineering into the production environment without impacting the live service, monitors and manages the performance of the SIEM infrastructure, supports security engineering requirements for projects, transitions, and transformations, and provides periodic status updates and technical presentations.


Position Responsibilities:
Cybersecurity Engineering

  • Provides extensive and complete analysis on the technical roadmaps of their respective core competency with an emphasis on the risk reduction and business enablement of their implementations.
  • Drives the enhancement of documentation, process, and procedure to increase the completeness of Audit requirements and reduce time to respond to Audit requests.
  • Provides expert-level incident and security response support in coordination with junior staff and their Cybersecurity Engineering Manager.
  • Maintains ownership of risks or control gaps in conjunction with their Cybersecurity Engineering Manager and oversees the execution of tactical remediation plans.
  • Participates in the strategic planning of their respective core competency in collaboration with other senior staff and their Cybersecurity Engineering Manager.
  • Ensures the enhancement and configuration of security platforms or tools to create concrete improvement and risk reduction.

Communication and Collaboration

  • Develops feedback on risk identification mechanisms, gap analysis processes, roadmap creation, and knowledge management for the Cyber Engineering teams.
  • Performs resource management with vendors, operations members, and management to ensure sustainable departmental success.
  • Provides technical oversight on the enhancement efforts of junior staff in the areas of automation, control design, and service resiliency.
  • Translates security architectural requirements, performs impact classification of known risks, and ensures the successful delivery of projects of medium to high complexity.
  • Collaborates with stakeholders across the business to develop security solutions to existing and new business problems.
  • Coordinates complex changes necessary to support enhancements to Cyber Engineering services.
  • Collaborates with other Engineering and Operations teams within both the Cyber and Technology organizations to troubleshoot and respond to events, as directed by business processes.
  • Provides guidance to junior staff on the appropriate escalation and communication patterns.
  • Presents project and related materials to Cyber Engineering and members of Management to gather feedback and provide status as needed.

Planning and Administration

  • Identify and evaluate projects/programs/initiatives and design processes that enhance and rationalize existing and upcoming solutions.
  • Review and propose alternate solutions to non-standard solutions if/as applicable to meet business and applications needs.
  • Review, identify and manage requirements for moderate solutions and perform cost-value, feasibility, and risk analysis as appropriate.
  • Keep management informed of the status of activities through accurate, timely, and appropriate reporting.
  • Actively participates in committees representing the department and/or planning unit.
  • Keep abreast of leading-edge technologies in the Cybersecurity engineering space.

Tags: Automation Cyber defense Incident response Risk analysis SIEM SOAR SOC Threat detection

Region: North America
Country: United States
