Security Operations Engineer
Remote (United States)
About the Role
This opportunity is for a Security Operations Engineer who will help improve how threat detection, investigation, and response workflows are designed, scaled, and automated. This role is ideal for a hands-on security practitioner who thinks beyond single alerts and can connect context across endpoints, networks, SaaS applications, cloud providers, and customer environments.
The position focuses on building repeatable security investigation workflows, improving response actions, supporting automation, and helping customers understand and respond to security threats with greater speed and accuracy.
Job Details
Employment Type: Full Time
Equity: Stock options may be offered
Compensation
Annual Salary: $135,000 – $200,000 per year
Compensation may vary based on interview performance, experience level, specialized skills, market rate, and geographic location. Final compensation may include base salary, bonus eligibility where applicable, benefits, perks, and stock options. Stock option value is not included in the salary range.
What You’ll Do
- Investigate and respond to security threats across endpoints, networks, SaaS applications, and cloud providers
- Analyze security events in context instead of treating alerts as isolated incidents
- Identify the right context needed to understand suspicious activity and determine next response steps
- Investigate issues such as account takeovers, session hijacking, ransomware activity, and suspicious cloud behavior
- Review cloud security activity, including control plane events and related investigation challenges
- Turn investigation processes into repeatable workflows that can scale across security operations
- Build detections that reduce noise and improve the quality of security investigations
- Design orchestration workflows, response playbooks, and automated investigation processes
- Support the development of AI-assisted security workflows and investigation logic
- Write or refine prompts that help AI systems reason through security investigations more effectively
- Move between hands-on investigations, code-based automation, and customer-facing security support
- Review complex logs and connect activity across systems to determine what happened and what should happen next
- Collaborate with teammates to refine response actions and improve security workflows
- Guide customers through investigations and explain findings clearly
- Help ensure similar investigations can be solved faster and more consistently in the future
- Contribute to the next generation of security operations through continuous learning and knowledge sharing
Qualifications
- Experience working in large enterprise security, DFIR, or Managed Detection and Response environments
- Strong experience investigating and responding to threats across endpoints, networks, SaaS applications, and cloud providers
- Ability to think in complete security workflows rather than isolated alerts
- Ability to design scalable investigation and response processes
- Comfort writing code to support security investigations or automation, using Python, Go, or similar languages
- Experience with response orchestration, including designing playbooks or automating workflows, is a plus
- Strong written and verbal communication skills
- Ability to communicate effectively with customers, peers, and technical teams
- Quality-first mindset when performing investigations and building workflows
- Strong curiosity, attention to detail, and commitment to continuous improvement
Ideal Background
- Hands-on experience investigating account takeovers, session hijacking, ransomware activity, and suspicious cloud behavior
- Ability to connect signals across logs, alerts, cloud activity, identity events, endpoint activity, and SaaS platforms
- Experience converting manual investigation methods into repeatable steps, detections, playbooks, or automation
- Comfort working with both technical security teams and customers during investigations
- Interest in improving how AI can support threat detection, investigation, response, and security operations workflows
Work Culture
- Customer-focused approach with an emphasis on exceeding expectations
- Practical, efficient decision-making instead of overcomplicating solutions
- Commitment to high standards and continuous improvement
- Open, honest, and transparent communication
- Resilience when solving difficult security and operational challenges
- Positive, collaborative environment that values creativity, focus, and teamwork