Senior Security Operations Engineer II

About The Position

Requirements

• 7+ years of experience in security engineering, infrastructure, site reliability, or platform engineering roles.
• Exceptional software development skills with experience building production-grade tools, services, or platforms (e.g., Go, Python, or similar languages).
• Proven ability to design and develop internal security platforms and tooling, particularly for vulnerability management, asset inventory, or CMDB systems.
• Strong experience securing cloud environments (e.g., AWS, Azure) and containerized workloads running in production.
• Hands-on experience with Kubernetes security, including cluster hardening, workload protection, policy enforcement, and runtime monitoring.
• Deep understanding of Linux systems, networking, distributed systems, and their associated security controls.
• Experience integrating security into CI/CD pipelines, including automated scanning, policy enforcement, and secure deployment practices.
• Proficiency in automation and infrastructure-as-code to build scalable and secure platforms.
• Familiarity with observability and security monitoring tools (logging, metrics, alerting, SIEM) to improve detection and response.
• Strong collaboration and communication skills with the ability to work closely with developers, SRE, and platform teams.
• A proactive mindset toward vulnerability management, system hardening, and continuous security improvement.
• Passion for building security tools and platforms that improve developer productivity while maintaining strong security standards.

Responsibilities

• Build and improve security tooling that integrates into developer workflows, including in-house systems to manage vulnerabilities and the CMDB (configuration management database).
• Implement automated security checks and guardrails in CI/CD pipelines to detect and prevent vulnerabilities early.
• Collaborate closely with developers and platform teams to design secure services, infrastructure, and deployment processes.
• Investigate security and infrastructure incidents, perform root cause analysis, and implement long-term remediation and automation.
• Enhance security observability through improved logging, metrics, and alerting to strengthen detection and response.
• Maintain and improve internal security tools, runbooks, and documentation to increase operational efficiency.
• Participate in incident response and on-call rotations, coordinating resolution for high-impact production incidents.
• Design, build, and operate secure, scalable infrastructure and developer-friendly security platforms that support mission-critical systems.
• Develop and maintain in-house tools for vulnerability management and CMDB lifecycle management, enabling asset discovery, tracking, and remediation workflows.
• Enhance CI/CD systems with automated security testing, compliance checks, and deployment safeguards to support secure software delivery pipelines.
• Implement and improve Kubernetes security practices, including workload protection, policy enforcement, cluster hardening, and runtime monitoring.
• Troubleshoot and resolve complex infrastructure and operational issues across distributed environments.
• Partner with engineering, platform, and SRE teams to integrate security seamlessly into fast-moving development workflows.
• Contribute to infrastructure-as-code and automation initiatives that enforce secure configurations and reduce operational overhead.
• Stay current with emerging threats, vulnerabilities, and security tools to continuously strengthen platform security and developer productivity.

Benefits

• Competitive salary and 401k with employer match
• Discretionary paid time off
• Paid parental leave for all
• Medical, Dental, Vision plans
• Fitness Programs
• Emotional & Mental Wellness support
• Learning & Development programs
• Employee Resource Groups (ERGs)
• And yes, we have snacks in our offices