Sr. Security Engineer II - Security Automation, AI & Orchestration

Description
At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It's why we're coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we're headed. We're proud to share our story and Make Amazing Happen at CDW. Job Summary Design intelligent cyber defense. Automate response. Let security act at machine speed. The Senior Security Engineer II - Security Automation, AI & Orchestration is a hands‑on, high‑impact role within the Enterprise Defense & Automation (EDA) team. You will engineer automation‑first, AI‑assisted security capabilities that transform detection signals into real‑time, policy‑driven response and control actions. This role sits at the intersection of AI‑enabled security engineering and SOAR platforms. You'll help evolve security operations from "alert and investigate" to detect, decide, and act- reducing risk through scalable, resilient, and self‑healing automation. This is a builder and problem‑solver role. You'll design and implement SOAR workflows, detection logic, and automated response playbooks, integrating AI/ML‑driven insights to improve signal fidelity, decisioning, and response outcomes across detection, response, and control planes. Your work will directly influence how threats are prevented, contained, and remediated at scale. Success in this role requires strong security fundamentals, fluency across modern security platforms, and the ability to deliver production‑grade automation that operates reliably in real‑world, adversarial environments. If you're passionate about engineering intelligent security systems that think, respond, and defend autonomously, this role puts you at the forefront of modern cyber defense. What you will do Defense Automation Engineering (Primary)
* Design, build, and maintain automation workflows that move security from detect and notify to detect, decide, and act.
* Engineer reusable automation services and playbooks across identity, endpoint, network, cloud, and SaaS control planes.
* Implement guardrails for automation and AI-assisted capabilities (confidence thresholds, blast‑radius controls, rollback mechanisms).
* Develop custom integrations using Python, PowerShell, APIs, AI prompts, and event‑driven architectures. Secure‑by‑Construction Engineering
* Design, build, maintain automation workflows, and AI-assisted capabilities that move security from detect and notify to detect, decide, and act.
* Engineer reusable automation services and playbooks across identity, endpoint, network, cloud, and SaaS control planes.
* Implement guardrails for automation and AI-assisted capabilities (confidence thresholds, blast‑radius controls, rollback mechanisms).
* Develop custom integrations within the security stack. Signal‑to‑Action Orchestration
* Partner with the Cyber Defense Engineering and Response team to integrate high-quality signals suitable for automation.
* Map MITRE ATT&CK techniques to controls and automated responses once, then reuse globally.
* Orchestrate cross‑pillar responses (e.g., Identity → Endpoint → Network → Response).
* Ensure automation outcomes are measurable, auditable, and resilient. Secure‑by‑Construction Engineering
* Embed security controls into CI/CD pipelines for Enterprise Defense & Automation authored content.
* Use policy-as-code, automate testing processes, and establish security gates that quickly block issues.
* Eliminate repeat findings through native auto‑remediation patterns Resilience & Self‑Healing Infrastructure
* Build automation that detects and corrects unsafe platform states without human intervention.
* Develop self‑healing scenarios such as Risky identity state: restrict, rotate, expire, Endpoint degradation: auto‑repair or isolate, Control drift: rollback to known‑good state. Collaboration & Influence
* Collaborate closely with Cyber Security platform owners, Threat Detection Response analyst, Business Unit owners
* Contribute to shared backlogs and design reviews with clear ownership boundaries.
* Document automation patterns, standards, and engineering decisions. What we expect of you
* Bachelor's degree and 7+ years of experience in cybersecurity engineering, detection engineering, or automation‑focused security roles, OR
* 11+ years of experience in cybersecurity engineering, detection engineering, or automation‑focused security roles.
* Strong experience with security automation, orchestration, or SOAR platforms.
* Proficiency in Python and/or PowerShell for production‑grade automation.
* Designing secure, observable, and maintainable AI‑enabled solutions
* Hands‑on experience with SIEM/XDR platforms and cloud‑scale security tooling.
* Practical working knowledge of the MITRE ATT&CK framework and mapping detections to controls.
* Built automation for large, diverse enterprise environments, a plus.
* Familiarity with platforms such as Microsoft Defender, Microsoft Sentinel, CrowdStrike, Palo Alto XSOAR/XSIAM, Azure AD/Entra ID, Splunk, a plus.
* Experience with CI/CD pipelines, infrastructure‑as‑code, and policy‑as‑code, a plus.
* Background in detection engineering, threat hunting, or incident response, a plus.
* Relevant certifications (GCIH, GCFA, Azure Security, cloud or automation certifications), a plus. Pay range: $132,000 - $190,600 depending on experience and skill set Annual bonus target of 10% subject to terms and conditions of plan Benefits overview: [https://cdw.benefit-info.com/](https://cdw.benefit-info.com/) Salary ranges may be subject to geographic differentials
* We make technology work so people can do great things.
* CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive. CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law. CDW is committed to fostering an equitable, transparent, and respectful hiring process for all applicants. During our application process, CDW's goal is to get to know you as an applicant and understand your experience, strengths, skills, and qualifications. While AI can help you present yourself more clearly and effectively, the essence of your application should be authentically yours. To learn more, please review [CDW's AI Applicant Notice](https://www.cdwjobs.com/pages/ai-applicant-notice).