Security Operations Engineer

About The Position

Requirements

• Security Engineering & Vulnerability Mastery: You possess deep experience in security operations and vulnerability management within enterprise environments, including hands-on experience with asset discovery and secrets detection tools such as runZero, TruffleHog, or GitLeaks.
• Zero Trust & Cloud Specialization: You have technical depth in configuring and operating Zero Trust platforms—specifically Zscaler ZIA/ZPA (including SSL inspection design and policy tuning)—and experience securing major cloud providers like AWS, GCP, or Azure.
• Analytical Automation & DevSecOps: You are proficient in SIEM detection engineering (Splunk) and scripting (Python, PowerShell, or Bash), with a proven ability to integrate secrets scanning and automated remediation workflows directly into CI/CD pipelines.
• Offensive Security & Strategic Communication: You bring practical experience with threat emulation and deception technologies mapped to MITRE ATT&CK, coupled with the ability to partner with engineering teams to prioritize remediation and translate technical risk into business-relevant language.

Responsibilities

• Own the Vulnerability & Asset Lifecycle: Drive risk-based remediation across cloud, container, and endpoint environments. You will shift the needle from volume-based reporting to exploitability-led prioritization (EPSS), utilizing asset intelligence to ensure remediation meets SLAs that tangibly reduce organizational risk.
• Engineer Zero Trust & Connectivity: Lead the operational excellence of Zscaler (ZIA/ZPA). You will manage complex SSL/TLS inspection strategies and policy enforcement to provide seamless, secure access while maintaining deep visibility into encrypted traffic flows.
• Eliminate Credential & Secret Risk: Act as the primary architect for secrets detection within CI/CD pipelines. You will partner with DevOps to automate the identification and remediation of exposed credentials, moving security "left" from code to cloud.
• Architect Detection, Deception, & Automation: Build advanced detection queries in Splunk and deploy enterprise-wide deception strategies aligned with the MITRE ATT&CK framework. You will automate manual triage via Python or SOAR workflows to turn raw security data into high-fidelity alerts.
• Validate & Simulate Defenses: Execute targeted adversary simulations and controls validation (e.g., Atomic Red Team) to verify that detections perform as expected, providing risk-rated findings to technical leaders.
• Translate Risk for Stakeholders: Serve as the technical authority who can pivot from deep-packet inspection troubleshooting to delivering "Fix Impact Reports" for executive leadership, quantifying how remediation efforts have eliminated critical threats.

Benefits

• flexible time off
• wellness resources
• company-sponsored team events