Senior IT Cyber Security Engineer

Senior IT Cyber Security Engineer

Ashley Furniture Industries, Inc. is the largest manufacturer of furniture in the world. Established in 1945, Ashley offers one of the industry's broadest product assortments to retail partners in 123 countries.

The Senior IT Cyber Security Engineer is a technical, hands-on role spanning Security Operations, cloud and on-premises security engineering, detection and response, and security program support. Operating within a maturing environment, this individual will own the engineering and operations of SIEM/SOAR platforms while also contributing to the design and implementation of security controls across the enterprise, supporting incident response investigations, and ensuring security best practices are embedded across engineering and infrastructure teams.

The ideal candidate is as comfortable tuning detection rules and writing automation playbooks as they are reviewing architecture decisions and contributing to policy and compliance frameworks.

Core Responsibilities:

• Perform daily security case triage and queue management within a cloud-native SIEM platform, including noise reduction, false positive identification, and exception creation
• Develop and maintain SOAR automation playbooks, including ongoing tuning and deduplication logic
• Monitor and apply SIEM parser updates; review change logs and validate newly introduced data tags to ensure detection integrity
• Standardize and maintain detection rule naming conventions and labeling across the SOC environment
• Review, customize, and manage security playbooks pulled from integrated code repositories; validate code for security concerns prior to deployment
• Perform code scanning and vulnerability validation on playbook and automation code prior to production deployment
• Track and report on playbook usage metrics, log ingestion volumes, and establish consumption baselines to support capacity planning
• Build, maintain, and troubleshoot SOC dashboards and underlying queries; produce recurring operational reports for leadership
• Perform ongoing exception tuning as the environment evolves, including malware, PUP, and endpoint alert validation using SentinelOne EDR/XDR platform data
• Monitor and triage email-based threats using Abnormal Security; manage detection policies, investigate reported messages, and validate remediation actions
• Monitor threat intelligence platforms and dark web monitoring tooling; maintain and update monitoring coverage to address emerging indicators
• Investigate and respond to account compromise indicators, including anonymous sign-in attempts and credential-based threats; execute account remediation actions via enterprise identity management platforms
• Maintain a detection rule tuning feedback loop between SIEM case findings and the broader MSSP detection ruleset
• Manage log forwarder infrastructure, including replacement or migration projects in coordination with IT and vendor support teams
• Coordinate with vendor professional services teams as needed to validate and advance SOC tooling initiatives
• Design, implement, and continuously improve security controls across cloud and on-premises environments to reduce risk and strengthen the overall security posture
• Work closely with engineering and infrastructure teams to embed security best practices into system design, platform deployments, and operational workflows
• Evaluate and recommend security tooling, configurations, and architectural patterns in alignment with enterprise standards and risk tolerance
• Support incident response investigations from initial triage through containment, eradication, and post-incident review
• Help identify gaps in detection coverage and contribute to strengthening detection capabilities based on incident findings and emerging threat intelligence
• Contribute to the development, review, and maintenance of security policies, standards, and procedures
• Support compliance efforts aligned to established frameworks including NIST CSF and PCI-DSS, including evidence collection, gap assessment, and control documentation

Required Skills & Qualifications:

• Strong hands-on experience with cloud-native SIEM and SOAR platforms (e.g., Google SecOps / Chronicle, Splunk, Microsoft Sentinel, or equivalent)
• Experience with SentinelOne EDR/XDR for endpoint threat triage, malware validation, alert investigation, and response actions
• Hands-on experience with Abnormal Security or equivalent AI-driven email security platforms for phishing triage, policy management, and threat remediation
• Proficiency writing and optimizing regular expressions for alert tuning, exception logic, and parser development
• Demonstrated experience with detection engineering and rule tuning methodologies in an enterprise SOC environment
• Practical experience designing or implementing security controls across hybrid cloud and on-premises environments
• Ability to collaborate effectively with engineering and infrastructure teams to integrate security requirements into technical projects
• Familiarity with incident response processes and experience supporting investigations through the full response lifecycle
• Familiarity with threat intelligence platforms (e.g., Recorded Future, ThreatConnect, or equivalent) and dark web monitoring practices
• Working knowledge of Linux systems administration, including scripting (Bash, Python) and scheduled task management
• Ability to write and maintain custom queries and dashboard logic within a SIEM environment
• Working knowledge of security frameworks such as NIST CSF and PCI-DSS and their application to enterprise security programs
• Strong documentation habits and ability to develop and standardize repeatable operational processes

Benefits We Offer:

• Health, Dental, Vision, Employee Assistance Program
• Paid Vacation, Holidays, and Your Birthday off
• Generous Employee Discount on home furnishings
• Professional Development Opportunities
• Ashley Wellness Centers (location specific) and Medical Tourism
• Telehealth
• 401(k) and Profit Sharing
• Life Insurance

Our Core Values:

• Honesty & Integrity
• Passion, Drive, Discipline
• Continuous Improvement/Operational Excellence
• Dirty Fingernail
• Growth Focused