Security Operations Engineer

Pure Storage•Santa Clara, CA

3d•$165,000 - $248,000•Onsite

About The Position

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry. This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us. THE ROLE You will help build and operate the core of our Attack Surface Management (ASM) and Secrets Detection program—integrating asset discovery, vulnerability visibility, secrets scanning, and remediation into scalable workflows. Your job is to ensure that we know what we own, and that none of it leaks secrets, tokens, or credentials—at any point in its lifecycle. You’ll work closely with Security, Infrastructure, DevOps, and Developer Experience teams to: Maintain a real-time, trustworthy asset inventory across on-prem, cloud, and SaaS environments Build and run secrets detection workflows in source code, CI/CD, and production telemetry Create scalable feedback loops to improve posture, reduce false positives, and prioritize by risk This is not a leadership role, but it is highly cross-functional and operationally impactful.

Requirements

5–8 years of experience in security operations, cloud security, or related engineering roles
Experience operating tools like runZero, TruffleHog, GitLeaks, or similar
Familiarity with cloud platforms (AWS, GCP, Azure) and modern CI/CD pipelines
Working knowledge of GitHub, GitLab, and secure code practices
Solid scripting or automation ability (Python, Bash, or equivalent)
Experience managing asset metadata and tagging strategies
Strong understanding of secrets hygiene, credential lifecycle, and IAM basics
Experience working in or supporting vulnerability management workflows
Comfort working with log aggregation tools, security alerting platforms, and ticketing systems
Ability to communicate clearly across technical and non-technical audiences
Self-directed, detail-oriented, and comfortable operating across multiple teams

Nice To Haves

Exposure to SIEMs (e.g., Splunk) or SOAR platforms (e.g., Tines, XSOAR)
Familiarity with software development practices and secure coding principles
Experience with cloud-native monitoring (e.g., AWS Config, CloudTrail, Audit Logs)
Security certifications: GCIH, AWS Security Specialty, or equivalent

Responsibilities

Operate and continuously improve our asset discovery workflows using tools like runZero, CMDBs, and cloud APIs
Track and tag assets by environment, business owner, and criticality
Drive visibility into cloud-native, SaaS, and third-party assets
Support vulnerability intelligence workflows with business context and inventory hygiene
Deploy, tune, and maintain secrets detection tools (e.g., TruffleHog, GitHub Advanced Security, GitLeaks)
Build logic to detect, de-duplicate, and route secret-related alerts to the right engineering owners
Partner with developers to eliminate hardcoded credentials, environment variable leaks, and insecure secrets handling
Monitor for secrets exposure in logs, S3 buckets, or shared infrastructure/Services
Integrate secrets scanning into CI/CD workflows
Correlate asset inventory with Tenable and secrets telemetry to drive prioritization
Automate triage workflows, false positive suppression, and remediation notifications (e.g., via Jira or ServiceNow)
Build dashboards and reporting pipelines to measure secrets MTTR, asset coverage, and risk trends
Contribute to detection content, alert tuning, and posture reporting