Security Engineer, Principal Member of Technical Staff

QuantumScape Corporation, San Jose, CA
$155,000 - $236,000, Onsite

About The Position

QuantumScape is seeking a Principal Security Engineer to join their Cybersecurity Team. This role is crucial for protecting the company's innovative energy storage technology. The team operates at the intersection of innovation and protection, working closely with various engineering and technical departments to embed security from the outset. The ideal candidate is passionate about solving complex security challenges in a dynamic, technically demanding environment.

Requirements

  • 10+ years of hands-on experience in cybersecurity, with demonstrated depth across incident response, network security, threat intelligence, and vulnerability management.
  • Proven experience leading security incident investigations and coordinating cross-functional response efforts.
  • Track record of building or maturing security programs from initial gap identification through operationalization in complex, fast-paced environments.
  • Experience working alongside engineering, IT, and infrastructure teams in a security advisory or embedded capacity.
  • Hands-on experience with SIEM platforms including Google SecOps (Chronicle), Microsoft Sentinel and Microsoft Defender; ability to develop and tune detection rules, correlation logic, and response automation.
  • Experience deploying and managing application allowlisting and endpoint control tools such as ThreatLocker; working knowledge of AI-driven network detection and response platforms such as Darktrace.
  • Strong working knowledge of network protocols, firewall management, IDS/IPS, NDR tools, and network segmentation principles.
  • Experience with CTI frameworks (MITRE ATT&CK, Diamond Model), threat feeds, and intelligence platforms; ability to produce structured intelligence products.
  • Proficiency with vulnerability scanning platforms including Tenable (Nessus / Tenable.io / Tenable.sc) and experience building risk-based remediation workflows across cloud and on-premises environments.
  • Proficient in Python and/or PowerShell for building detection logic, automation workflows, and security tooling integrations.
  • Working knowledge of Microsoft Azure and/or GCP security services and logging capabilities, including integration with Google SecOps for cloud-native detection and response.
  • Solid experience across Linux and Windows environments.
  • Bachelor’s degree in Computer Science, Computer Engineering, or a related technical field (required).

Nice To Haves

  • CISSP (Certified Information Systems Security Professional) preferred.
  • Relevant certifications such as GCIH, GCFA, GCIA, GCTI, or equivalent advanced certifications are strongly considered.

Responsibilities

  • Serve as a key responder and coordinator during security incidents, leading investigations from detection through containment, eradication, and recovery.
  • Build and mature a threat intelligence capability that turns raw signals into actionable insights for the business.
  • Own vulnerability management end-to-end, from discovery and prioritization to driving remediation across engineering and infrastructure teams.
  • Harden network environments by identifying gaps, enforcing segmentation, and ensuring monitoring coverage across on-premises and cloud-connected infrastructure.
  • Translate complex threat and risk data into clear, prioritized guidance for both technical teams and senior leadership.
  • Proactively hunt for threats and misconfigurations before they become incidents.
  • Communicate with clarity and confidence across all levels of the organization, adapting your message to your audience.
  • Take problems all the way to resolution, not just to identification: following through, closing loops, and holding yourself and others accountable.
  • Lead end-to-end incident response activities including triage, investigation, containment, eradication, and post-incident review.
  • Develop, maintain, and continuously improve incident response plans, playbooks, and runbooks.
  • Coordinate cross-functional response efforts across IT, engineering, legal, and leadership during active incidents.
  • Conduct thorough root cause analysis and drive post-incident improvements to prevent recurrence.
  • Maintain and improve SIEM configurations, alert logic, and detection rules to reduce noise and improve fidelity.
  • Track incident metrics and report on response trends, dwell time, and program maturity over time.
  • Assess and harden network architecture across on-premises and cloud-connected environments, ensuring alignment with security best practices.
  • Design and enforce network segmentation strategies, including zero-trust principles and perimeter controls.
  • Monitor network traffic for anomalous behavior and lead investigation of network-based threats.
  • Partner with IT and infrastructure teams on firewall policy management, VPN architecture, and secure remote access controls.
  • Evaluate and improve network visibility tooling including IDS/IPS, NDR, and packet capture capabilities.
  • Provide security guidance on network architecture decisions, including SD-WAN, cloud interconnects, and OT/IT boundary controls.
  • Build and operationalize a threat intelligence program that delivers timely, relevant, and actionable intelligence to security and engineering teams.
  • Collect, analyze, and synthesize intelligence from internal telemetry, open-source feeds, commercial platforms, and industry sharing communities (e.g., ISACs).
  • Develop threat profiles and adversary models relevant to QuantumScape's industry, technology stack, and risk landscape.
  • Drive intelligence-informed detections by translating TTPs into SIEM rules, detection logic, and hunting hypotheses.
  • Produce and deliver threat briefings to technical teams and senior leadership with clear, prioritized recommendations.
  • Support proactive threat hunting activities using threat intelligence to guide hypothesis generation and investigation.
  • Own and mature the vulnerability management program across cloud, on-premises, and endpoint environments.
  • Operate and tune vulnerability scanning tools (e.g., Tenable, Qualys, or equivalent) to ensure comprehensive and accurate coverage.
  • Develop risk-based prioritization frameworks that account for asset criticality, exploitability, and business context.
  • Partner with engineering, IT, and cloud teams to drive timely remediation and track progress against SLAs.
  • Produce clear vulnerability reporting and dashboards for both technical owners and leadership stakeholders.
  • Identify systemic gaps and structural risk drivers and recommend durable remediation strategies beyond patch-by-patch fixes.
  • Act as a security advisor to engineering, infrastructure, and IT teams, translating complex security requirements into practical, actionable guidance.
  • Influence technology decisions, architecture reviews, and vendor assessments from a security lens.
  • Communicate risk clearly and effectively to both technical and non-technical stakeholders.
  • Foster a culture of security ownership and accountability across the organization.

Benefits

  • Annual bonus
  • Generous RSU/Equity package
  • Employee paid health care
  • Employee Stock Purchase Plan (ESPP)