Cyber Security Engineer (DevSecOps)Position SummaryThe Cyber Security Engineer (DevSecOps) builds and maintains the automation, pipelines, and integrations that keep ECI’s flagship security platform running. This is a hands-on, implementation-focused role: you will write production Python, ship CI/CD and infrastructure-as-code, and build and operate detection and response workflows in the
Elastic Stack (Elasticsearch, Logstash/Beats, Kibana). It suits an engineer with a strong software-development foundation who wants to own the build-and-deploy side of security operations and turn manual work into reliable, automated systems. You will report into and implement the standards set by the Cybersecurity Architect.Position Responsibilities
- Build and maintain Python automation, services, and integrations that improve detection, response, and customer experience across the security platform
- Develop and operate CI/CD pipelines and infrastructure-as-code (Terraform, Ansible) to deploy and maintain security tooling
- Build and tune detection and response content in the Elastic Stack: data ingestion, parsing and normalization, detection rules, and Kibana dashboards
- Integrate security tools and data sources using REST APIs, webhooks, and SOAR playbooks
- Containerize and deploy workloads with Docker and Kubernetes following secure-deployment practices
- Write tests, documentation, and runbooks for the workflows and scripts you ship
- Work alongside the Cybersecurity Architect to implement the platform’s reference architecture and detection standards
Position Requirements
- Degree in Computer Science or Cyber Security, or equivalent hands-on experience
- 2+ years building software in a professional setting, with strong Python development (services, automation, and APIs, not only light scripting)
- Hands-on experience with the Elastic Stack (Elasticsearch, Logstash/Beats, Kibana) for log ingestion, detection, or analytics
- Practical CI/CD experience, including automated testing, build pipelines, and secure deployment workflows
- Working knowledge of infrastructure-as-code (Terraform, Ansible, or Salt) and configuration management
- Proficiency with Git/GitHub in a collaborative engineering workflow
- Experience with REST APIs, webhooks, and integrations in automation workflows
- Familiarity with core security concepts: logging, alerting, threat detection, and incident response
- Working knowledge of Linux and Windows and their security implications
- Strong problem-solving mindset and clear written and verbal communication
Preferred Experience
- Experience automating detection and response workflows in a SIEM/XDR (Elastic preferred; Splunk or Microsoft Sentinel a plus)
- Working knowledge of the MITRE ATT&CK framework and its use in detection engineering
- Exposure to SOAR, MISP, or Sigma and detection-as-code practices
- Foundational cloud security on AWS or Azure (IAM, shared responsibility model, basic compliance)
- Exposure to container security and Kubernetes hardening
- Interest in applying AI tooling to security automation
ECI’s culture is all about connection - connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and the range for this role is a maximum of $150,000 annually (depending on experience & location), plus variable with flexible PTO, health benefit eligibility the first of the month, life insurance, pet insurance, 401K and so much more! If you believe you’d be a great fit and are ready for your best job ever, we’d like to hear from you!!
Love Your Job, Share Your Technology Passion, Create Your Future Here!