Security Engineer, Senior Member of Technical Staff

About The Position

Requirements

• 10+ years of hands-on experience in cybersecurity, with demonstrated depth across incident response, network security, threat intelligence, and vulnerability management
• Proven experience leading security incident investigations and coordinating cross-functional response efforts.
• Track record of building or maturing security programs from initial gap identification through operationalization in complex, fast-paced environments
• Experience working alongside engineering, IT, and infrastructure teams in a security advisory or embedded capacity
• Incident Response & SIEM: Hands-on experience with SIEM platforms including Google SecOps (Chronicle), Microsoft Sentinel and Microsoft Defender; ability to develop and tune detection rules, correlation logic, and response automation
• Endpoint & Network Protection: Experience deploying and managing application allowlisting and endpoint control tools such as ThreatLocker; working knowledge of AI-driven network detection and response platforms such as Darktrace
• Network Security: Strong working knowledge of network protocols, firewall management, IDS/IPS, NDR tools, and network segmentation principles
• Threat Intelligence: Experience with CTI frameworks (MITRE ATT&CK, Diamond Model), threat feeds, and intelligence platforms; ability to produce structured intelligence products
• Vulnerability Management: Proficiency with vulnerability scanning platforms including Tenable (Nessus / Tenable.io / Tenable.sc) and experience building risk-based remediation workflows across cloud and on-premises environments
• Scripting & Automation: Proficient in Python and/or PowerShell for building detection logic, automation workflows, and security tooling integrations
• Cloud Platforms: Working knowledge of Microsoft Azure and/or GCP security services and logging capabilities, including integration with Google SecOps for cloud-native detection and response
• Operating Systems: Solid experience across Linux and Windows environments
• Bachelor’s degree in computer science, Computer Engineering, or a related technical field (required)

Nice To Haves

• CISSP (Certified Information Systems Security Professional) preferred
• Relevant certifications such as GCIH, GCFA, GCIA, GCTI, or equivalent advanced certifications are strongly considered.

Responsibilities

• Lead end-to-end incident response activities including triage, investigation, containment, eradication, and post-incident review
• Develop, maintain, and continuously improve incident response plans, playbooks, and runbooks
• Coordinate cross-functional response efforts across IT, engineering, legal, and leadership during active incidents
• Conduct thorough root cause analysis and drive post-incident improvements to prevent recurrence
• Maintain and improve SIEM configurations, alert logic, and detection rules to reduce noise and improve fidelity
• Track incident metrics and report on response trends, dwell time, and program maturity over time
• Assess and harden network architecture across on-premises and cloud-connected environments, ensuring alignment with security best practices
• Design and enforce network segmentation strategies, including zero-trust principles and perimeter controls
• Monitor network traffic for anomalous behavior and lead investigation of network-based threats
• Partner with IT and infrastructure teams on firewall policy management, VPN architecture, and secure remote access controls
• Evaluate and improve network visibility tooling including IDS/IPS, NDR, and packet capture capabilities
• Provide security guidance on network architecture decisions, including SD-WAN, cloud interconnects, and OT/IT boundary controls
• Build and operationalize a threat intelligence program that delivers timely, relevant, and actionable intelligence to security and engineering teams
• Collect, analyze, and synthesize intelligence from internal telemetry, open-source feeds, commercial platforms, and industry sharing communities (e.g., ISACs)
• Develop threat profiles and adversary models relevant to QuantumScape's industry, technology stack, and risk landscape
• Drive intelligence-informed detections by translating TTPs into SIEM rules, detection logic, and hunting hypotheses
• Produce and deliver threat briefings to technical teams and senior leadership with clear, prioritized recommendations
• Support proactive threat hunting activities using threat intelligence to guide hypothesis generation and investigation
• Own and mature the vulnerability management program across cloud, on-premises, and endpoint environments
• Operate and tune vulnerability scanning tools (e.g., Tenable, Qualys, or equivalent) to ensure comprehensive and accurate coverage
• Develop risk-based prioritization frameworks that account for asset criticality, exploitability, and business context
• Partner with engineering, IT, and cloud teams to drive timely remediation and track progress against SLAs
• Produce clear vulnerability reporting and dashboards for both technical owners and leadership stakeholders
• Identify systemic gaps and structural risk drivers and recommend durable remediation strategies beyond patch-by-patch fixes
• Act as a security advisor to engineering, infrastructure, and IT teams translating complex security requirements into practical, actionable guidance
• Influence technology decisions, architecture reviews, and vendor assessments from a security lens
• Communicate risk clearly and effectively to both technical and non-technical stakeholders
• Foster a culture of security ownership and accountability across the organization

Benefits

• QuantumScape also offers an annual bonus and a generous RSU/Equity package as part of its compensation plan.
• In addition, we do offer a tremendous benefits plan including employee paid health care, Employee Stock Purchase Plan (ESPP), and other benefits.