Threat Hunter / Security Automation Engineer – AI-Native Cyber Security Startup

  • 25k–30k
  • Pune, Remote
Job Details: Full Time, 4–6 years

Full Job Description

About the Company:
A cutting-edge AI-native cloud security startup empowering organizations to proactively detect, analyze, and respond to threats before they become incidents. The company combines threat intelligence, automation, and AI-driven workflows to safeguard cloud environments, streamline security operations, and enable high-speed, scalable protection across enterprise networks.

Role Overview:
We are looking for a threat-hunter-first Security Automation Engineer to drive proactive threat hunting, detection engineering, and AI-driven automation. The role focuses on turning manual security workflows into automated, scalable processes across cloud, network, endpoint, and identity environments.

Key Responsibilities:

  • Perform proactive, hypothesis-driven threat hunting across endpoint, network, identity, and cloud telemetry

  • Investigate suspicious activity, identify attacker behavior, impact, and attack paths

  • Prioritize threats based on risk, exploitability, asset criticality, and business impact

  • Design, build, and tune detections aligned with MITRE ATT&CK; perform detection coverage analysis

  • Operationalize threat intelligence (TTPs, IOCs, campaigns) into hunts and automated workflows

  • Build Python-based automation for investigation, enrichment, and response

  • Query and analyze large security datasets using SQL or similar languages

  • Create and maintain YAML-based detection rules, workflows, and investigation playbooks

  • Build detections across SIEM, SOAR, EDR/XDR, CSPM, and CNAPP platforms

  • Investigate and secure cloud environments (AWS, Azure, GCP)

  • Encode analyst decision-making into AI-driven investigation and response workflows

Required Skills & Qualifications:

  • 4–6 years of hands-on experience in threat hunting or security automation

  • Expertise with SIEM, SOAR, EDR/XDR, CSPM, CNAPP platforms

  • Strong knowledge of MITRE ATT&CK, including mapping, coverage, and gap analysis

  • Experience operationalizing threat intelligence into actionable detections

  • Strong Python scripting skills for security automation

  • Proficiency in SQL or similar query languages

  • Experience writing and maintaining YAML configurations

  • Solid understanding of threat detection, incident response, log analysis, telemetry correlation, cloud security, networking fundamentals (TCP/IP, DNS, HTTP, VPNs, firewalls), and Linux/Windows security

  • Comfortable working in a fast-paced startup environment with high ownership

High Impact Jobs: CareerXperts Jobs 