Senior Security Operations (SecOps) Engineer

About The Position

Requirements

• 8+ years in enterprise information security with a proven track record of delivering security‑operations projects (platform migrations, automation initiatives).
• Hands‑on knowledge of firewalls, IDS/IPS, anti‑malware, VPN, DLP, SIEM (Splunk, QRadar), vulnerability scanners (Nessus/Qualys), and cloud security controls (AWS GuardDuty, Azure Sentinel).
• Designed SOAR playbooks; scripted in Python/PowerShell; implemented IaC for security controls.
• Proficient in the implementation, configuration, & administration of Windows servers, Linux, VM, and Container systems and hardening.
• Demonstrated ability to manage scope, schedule, risk, and stakeholder communication for security programs.
• Translate legal/regulatory mandates (NIST, ISO 27001) into actionable security controls and governance artifacts.
• The demonstrated ability to work effectively in a collaborative team environment or as an individual contributor.
• Experience managing information security controls, specifically monitoring, troubleshooting, maintaining, and modernization of mission critical networks and information systems.
• Must be eligible to work in the US for any employer without restrictions.
• Must be willing and able to work onsite in San Jose, CA.

Nice To Haves

• Experience with project management, vendor management, and policy development.
• Hands‑on experience with Netskope (NG-SWG, CASB, DLP, ZTNA, RBI, Cloud Firewall) or similar.
• Demonstrated ability in deploying, configuring, and operationalizing Darktrace threat detection platform.
• Prior experience in leading or being part of a security incident response team and proven experience in using SIEM and network DLP.
• Ability to work in a small, collaborative team environment and as an individual contributor.
• Bachelor’s Degree in relevant field is strongly preferred.

Responsibilities

• Lead Security‑Operations Projects - Own the full lifecycle of multi‑disciplinary security projects (e.g., SIEM migration, DLP automation, Secure‑Web‑Gateway hardening), from requirements gathering and stakeholder alignment to design, implementation, testing, and post‑deployment review.
• Architect & Enforce Control Governance - Develop and maintain detailed runbooks, playbooks, and SOPs that codify security‑control configuration, change‑control processes, and compliance checkpoints across firewalls, IDS/IPS, anti‑malware, and data‑loss‑prevention solutions.
• Direct Real‑Time Threat Management - Oversee the configuration, tuning, and integration of SIEM, DLP, and Secure‑Web‑Gateway telemetry; design correlation rules that reduce false positives by > 30 % and trigger automated containment workflows via SOAR platforms.
• Participate in Incident Response Programs – Play a key SME role to identify and drive incident response resolutions.
• Collaborate with Security Engineering & Architecture Teams - Partner with engineers to embed vulnerability‑management findings into patch‑prioritization pipelines; advise architects on control selection that satisfies regulatory requirements (e.g., GDPR, CCPA, NIST 800‑53).
• Drive Continuous Improvement - Lead change‑management initiatives that modernize legacy security tools, introduce security orchestration (e.g., Ansible, Terraform), and enforce configuration‑as‑code standards.
• Vendor & Policy Management - Assist GRC in technology review of 3rd party and partners

Benefits

• Top-notch medical, dental, vision and prescription coverage
• Wellness program
• Parental leave
• 401K match and savings plan
• Flexible spending accounts
• Life insurance
• Paid Holidays
• Paid Time off
• Additional benefits
• U.S.-based employees have access to medical, dental, and vision insurance, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and wellbeing benefits, among others.
• U.S.-based employees also receive, per calendar year, up to 10 scheduled paid holidays, and Paid Time Off.