Security Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee and enhance security baselines across on-premises, hybrid, and cloud systems, ensuring robust protection while preserving speed and usability.

• Integrate telemetry, logging, tracing, and management of structured, semi-structured, and unstructured data throughout the environment to deliver unified and comprehensive visibility into infrastructure and application activities.

• Lead programs for vulnerability management, patching, and configuration assurance to mitigate exposure and sustain a consistent security posture.

• Collaborate with infrastructure, IT, and application teams to bolster identity, access, and network security utilizing Okta, Google Workspace, and FreeIPA.

• Implement and uphold zero-trust network architectures, SASE controls, CASB solutions, and conditional access policies to safeguard users and data across environments, ensuring full access and control over our data and intellectual property, regardless of location or device.

• Operate and enhance security operations tools, including SIEM, SOAR, and EDR/XDR platforms, to guarantee comprehensive monitoring and swift threat detection.

• Develop and refine detection logic, automation, and playbooks for identifying and responding to threats such as insider activities, lateral movements, and anomalous behaviors.

• Investigate and address security incidents, executing root-cause analysis, containment, and remediation while coordinating with engineering and IT.

• Create automation, scripts, AI agents, and integrations that streamline monitoring, alerting, and remediation workflows, enhancing efficiency and reliability.

• Establish metrics, dashboards, and feedback mechanisms to evaluate detection coverage, response times, and overall security health.

• Foster a culture of security awareness and accountability across engineering teams, ensuring that security measures and productivity progress in tandem.

⛳️ Requirements

• 5-7+ years of experience in security engineering, SOC operations, detection engineering, incident response, or a similar role that combines hands-on technical work with analytical problem-solving.

• Strong software engineering abilities with Python, Go, Bash (knowledge of C and Rust is a significant advantage), including the capacity to design, implement, and maintain high-quality code, automation frameworks, services, and integrations that enhance security, observability, and operational efficiency.

• Proficient with SIEM and SOAR platforms, including experience in building detections, dashboards, and automated workflows.

• In-depth knowledge of EDR and XDR platforms, endpoint security hardening, and telemetry collection across macOS, Linux, Windows, and server environments.

• Experience in implementing or supporting zero trust architectures, including conditional access, SASE, CASB, and identity-driven access control models.

• Familiarity with IAM and SSO systems such as Okta, Google Workspace, and FreeIPA, with the ability to design secure identity, access, and authentication policies.

• Strong networking knowledge, encompassing SDWAN, VPN, IDS and IPS, firewall administration, segmentation strategies, and monitoring network traffic for anomalies.

• Practical experience managing or building security telemetry pipelines, log ingestion frameworks, or observability systems that support both structured and unstructured data.

• Solid understanding of threat modeling, the MITRE ATT&CK framework, attacker techniques, and common detection and response patterns.

• Experience conducting vulnerability assessments, penetration testing, or secure configuration reviews, and collaborating with teams to address identified risks.

• Exposure to cloud and hybrid environments such as AWS, GCP, or on-premises clusters, with the ability to assess risks and implement protective controls across these environments.

🏝️ Benefits

• Comprehensive medical, dental, and vision packages, with generous premium coverage.

• Housing subsidy of $2,000/month for employees residing within walking distance of the office.

• Daily lunch and dinner provided in our office.

• Relocation assistance for individuals moving to San Jose (Santana Row).

• Unlimited compute budget, subject to ROI justification.