We are seeking a Security Operations Engineer to join our Security team, reporting to the CIO. This is a hands-on role where you will design and operate security infrastructure, lead cloud security initiatives, and rethink our security architecture. You'll build AI-powered solutions to automate security triage and response, while partnering cross-functionally with DevOps, IT, and Engineering teams to drive security outcomes across the organization.
What you will do :
Design, implement, and operate security monitoring capabilities using a SIEM platform to detect, analyze, and respond to threats in real time. Deploy and manage EDR, DLP, CSPM, and other security controls across the environment.
Build and maintain cloud security architectures, ensuring strong IAM, network segmentation, encryption, and a zero-trust approach across all cloud deployments.
Continuously evaluate and evolve the security architecture and defense in depth strategy. Integrate tools and systems across the stack to enable unified telemetry, seamless data flow, and automated response actions.
Develop AI powered agentic solutions and operational automations using n8n. Use Infrastructure as Code to automate deployment, configuration management, and ongoing lifecycle operations for security infrastructure.
Create and tune detection rules, build log ingestion pipelines, and conduct proactive threat hunting. Lead monitoring, investigation, and remediation efforts using structured DFIR methodologies.
Embed security into CI/CD pipelines and broader DevSecOps workflows. Partner with DevOps, IT, and Engineering teams to integrate security into day to day operations and technical decision making.
Implement and maintain controls aligned with HIPAA, HITRUST, and SOC 2 requirements. Perform security assessments for vendors, SaaS platforms, and internal applications.
Requirements: 5+ years of hands-on experience in security operations, incident response, or security engineering.
Strong background with SIEM platforms for monitoring, threat detection, and alert tuning.
Proven experience deploying and managing core security technologies, including EDR, DLP, and vulnerability management solutions.
Solid cloud security expertise across AWS, Azure, and GCP, with a strong understanding of cloud-native controls and architectures.
Scripting/automation proficiency (Python, Bash, PowerShell) for security automation
Hands-on experience with workflow automation platforms such as n8n or similar
Strong understanding of security architecture principles, defense in depth, and modern attacker techniques.
Familiarity with DevSecOps practices and integrating security into modern SDLC pipelines.
Highly independent: You take ownership of security challenges and you thrive in ambiguity; you carefully research and recommend solutions and drive execution autonomously
A great communicator: You're a people person, and you thrive in a fast-paced team environment with high-performance standards
Capable of working under pressure and delivering quickly
Flexible: You can see the big picture while staying detail-oriented; you can zoom in and out with ease
Driven: You bring a strong desire and drive to tackle complex security problems
What is Nice to Have:
Experience building AI/ML-powered security solutions or SOAR platforms
Background in detection engineering and high-fidelity alert creation
Container/Kubernetes security expertise
Security certifications (CISSP, GIAC, cloud security certifications)
This position is open to all candidates.