Sr. Security Engineer I at Yum! Brands

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field with 8-10 years of relevant experience

• Key Responsibilities

• Design and implement security automation workflows for alert ingestion, enrichment, triage, and response

• Develop scripts and playbooks to reduce manual effort and improve incident response efficiency

• Integrate SIEM, SOAR, and security tools with case management and ticketing systems

• Enhance detection capabilities by incorporating threat intelligence into pipelines

• Support detection rule lifecycle management including tuning, validation, and deployment

• Troubleshoot and optimize automation processes to reduce false positives and improve signal quality

• Collaborate with SOC, Security Engineering, and IT teams to translate requirements into automation solutions

• Contribute to development of automation standards, documentation, and runbooks

• Identify opportunities to improve processes, tooling, and detection coverage

• Act as a technical resource and provide guidance to less experienced team members

• Required Skills

• Strong experience in security automation, detection engineering, or SOC operations

• Hands-on experience with SIEM platforms and alerting frameworks

• Proficiency in scripting/programming (e.g., Python, PowerShell)

• Experience integrating systems via APIs and automation pipelines

• Understanding of cybersecurity frameworks (e.g., MITRE ATT&CK)

• Knowledge of incident response processes and threat detection methodologies

• Strong analytical and problem-solving skills

• Ability to independently execute on complex technical tasks

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field

• 5–8 years of experience in cybersecurity, security engineering, or related discipline

• Experience working in a Security Operations Center (SOC) or similar environment

• Familiarity with SOAR platforms and automation playbooks

• Experience with cloud environments (AWS, Azure, or GCP) preferred

• Knowledge of Infrastructure as Code (e.g., Terraform, Ansible) preferred

• Relevant certifications (e.g., Security+, GIAC, CISSP – Associate or progress toward certification) preferred

• Key Performance Indicators (KPIs)

• Short-Term Outcomes (3–6 months)

• Automate ≥20–30% of repetitive SOC workflows or alert triage tasks

• Reduce average incident triage time by 15–25% through automation enhancements

• Successfully deploy 3–5 new automation playbooks integrated with SIEM/SOAR tools

• Improve alert enrichment coverage to ≥80% of prioritized use cases

• Long-Term Outcomes (6–12+ months)

• Reduce false positive rate in key detection pipelines by 25–40%

• Increase automated incident response coverage to ≥50% of common use cases

• Achieve measurable reduction in Mean Time to Respond (MTTR) by 20–30%

• Expand detection coverage aligned to MITRE ATT&CK across critical threat vectors

• Functional Excellence Metrics

• Technical Delivery

• Automation reliability ≥95% success rate across workflows

• Number of scalable automation solutions adopted across teams

• Operational Efficiency

• Reduction in manual workload hours for SOC analysts

• Number of integrations implemented across security tools and platforms

• Collaboration & Influence

• Stakeholder satisfaction with automation solutions and responsiveness

• Contributions to documentation, standards, and team knowledge sharing