Security Engineer

About The Position

Requirements

• 3–5 years of experience in a security engineering, security operations, or detection engineering role
• Experience securing AI/ML workloads or applying AI-assisted tooling to security operations (e.g., LLM-driven triage, automated analysis, AI-augmented detection)
• Hands-on experience administering a SIEM platform (e.g., Sentinel, Splunk, Elastic, Chronicle)
• Hands-on experience with a SOAR platform (e.g., Cortex XSOAR, Splunk SOAR, Tines, Swimlane)
• Solid understanding of endpoint security concepts — EDR, host-based detection, OS-level telemetry
• Understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise infrastructure
• Experience operating in and managing cloud environments (AWS, Azure)
• Proficiency in scripting and automation (our stack is primarily Python, but equivalent experience is welcome)
• Experience with CI/CD concepts — pipelines, automated testing, and deployment workflows
• Experience managing infrastructure as code (e.g., Terraform)
• Strong troubleshooting and analytical skills
• A relentless desire to automate the mundane to focus on solving the harder problems

Nice To Haves

• Experience with Tanium for endpoint management, visibility, or security modules
• Experience with Azure Data Explorer (ADX) and Microsoft Sentinel
• Experience writing detection logic (SPL, KQL, Sigma, or equivalent)
• Familiarity with detection engineering practices and frameworks such as MITRE ATT&CK
• Experience with threat intelligence platforms and enrichment workflows
• Cloud security monitoring experience (AWS, Azure, GCP)
• Experience supporting incident response in an engineering capacity — data gathering, log analysis, and providing technical context to responders

Responsibilities

• Contribute to and maintain our in-house SOAR platform — develop automation playbooks, extend capabilities, and accelerate incident response
• Contribute to the aggressive adoption of AI tools within the Security team as well the protection of AI technologies across Tanium
• Manage and optimize our SIEM environment — maintain data ingestion pipelines, ensure log source coverage meets security requirements, and partner with detection engineering on deployment and tuning
• Support endpoint security tooling — deploy, configure, and troubleshoot endpoint detection and response (EDR) solutions across the fleet
• Review IT infrastructure changes for security implications, ensuring new configurations and deployments align with security standards and best practices
• Partner with IT and infrastructure teams to onboard new log sources, improve telemetry, and close visibility gaps
• Contribute to incident response processes, including containment, eradication, and post-incident review

Benefits

• equity awards
• medical, dental and vision plan
• family planning benefits
• health savings account
• flexible spending account
• transportation savings account
• 401(k) retirement savings plan with company match
• life, accident and disability coverage
• business travel accident insurance
• employee assistance programs
• disability insurance
• other well-being benefits
• 5 days set aside as volunteer time off (VTO)