Security Engineer II – Detection, SOC Engineering

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

  • Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments
  • Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms
  • Participate in SOC on-call rotation and serve as escalation point for high-severity incidents
  • Lead complex investigations across endpoint, cloud, SaaS, and identity environments
  • Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation
  • Conduct proactive threat hunting to identify gaps in detection coverage
  • Drive continuous improvement of playbooks, runbooks, and case management standards
  • Build custom security tooling to improve alert enrichment, investigation, and response
  • Develop integrations between security tools and internal systems via APIs
  • Automate repetitive investigative workflows and containment actions
  • Improve signal quality and reduce false positives across the stack
  • Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments
  • Serve as the technical escalation point for high-severity incidents
  • Lead complex investigations and root cause analysis
  • Improve and mature incident response playbooks and processes
  • Conduct post-incident analysis and drive systemic improvements
  • Raise the technical bar within the SOC through mentorship and code/detection review
  • Establish standards for detection quality and investigation rigor
  • Partner closely with AppSec, Infrastructure Security, IT, and Engineering
  • Help shape the SOC and detection engineering roadmap
Requirements:
  • 5–7+ years of experience in security engineering, detection engineering, or security operations
  • Strong experience with SIEM platforms
  • Experience with EDR platforms
  • Strong scripting skills (Python, Bash, or similar)
  • Experience working in AWS or similar cloud environments
  • Experience leading complex incident investigations
  • Experience building internal security tools (Preferred)
  • Detection-as-code or infrastructure-as-code experience (Preferred)
  • Experience integrating tools via APIs (Preferred)
  • Experience mentoring junior analysts or engineers (Preferred)
  • Familiarity with SaaS security and identity-based attack patterns (Preferred)
Benefits:
  • Open and transparent culture
  • Life insurance, long and short-term disability coverage
  • Paid maternity and paternity leave
  • Fertility Benefits
  • Generous vacation time, plus three 4-day summer holiday weekends
  • Excellent medical, dental, and vision benefits
  • 401k Plan with company matching
  • Bi-annual swag drops with cool Podium gear and apparel
  • A stellar HQ (Utah) gym with local professional coaches and classes offered
  • Onsite HQ (Utah) child care center, subsidized for employees
