[Hiring] Senior Security Engineer @SpyCloud

Role Description

We are seeking an experienced Security Engineer to join our internal security team who thrives in a fast-paced environment. You have a passion for innovation, solid design principles, and high-quality development. You bring strong infrastructure and detection engineering fundamentals, a security-first mindset, and a deep understanding of cloud and networking concepts.

What You'll Do:

• Infrastructure Design and Maintenance:
  • Design, improve, and maintain secure, durable, and performant infrastructure to power applications, security tooling, log collection, and data mining/ETL workflows.
  • Evolve log collection, processing, and storage infrastructure enabling security monitoring and investigations.
  • Support multi-account and multi-region AWS networking architectures with security-first principles.
• Detection Engineering and Automation:
  • Develop and maintain Splunk detection content aligned to the relevant frameworks and evolving threat intelligence.
  • Administer the Splunk Cloud platform, including search health, log health, and app, platform, and content updates.
  • Design and implement SOAR playbooks to automate investigation and response workflows.
  • Integrate infrastructure security tooling and automation to enhance detection, prevention, and response capabilities.
  • Build and maintain detection-as-code and automated deployment pipelines to ensure consistency, repeatability, and auditability.
  • Continuously refine detection logic to reduce false positives and increase signal quality.
• Security and Compliance:
  • Implement and operate security technologies across the enterprise, such as an endpoint security platform.
  • Support incident response and investigation escalations.
  • Proactively meet standards for information security and compliance, such as SOC 2/ISO27001.
  • Implement and uphold security measures across all infrastructure components.
  • Work cross-functionally with Product, IT, DevOps, and Engineering teams to drive secure-by-default practices.
• Technical Leadership:
  • Drive architectural and design decisions for SpyCloud’s detection program and platforms.
  • Mentor junior engineers and establish best practices across infrastructure and detection engineering domains.

Qualifications

• At least 5 years of professional experience in a DevOps, Security Engineering, or Detection Engineering role maintaining relevant production infrastructure.
• Strong working knowledge of AWS services such as EC2, ECS or EKS, Lambda, ELBs, Transit Gateway, VPC, CloudWatch, S3, Code/Build/Pipeline/Deploy, etc.
• Strong working knowledge of Terraform or similar tools, AWS CLI/SDK, Boto.
• Extensive experience with SIEM content engineering, data transformation, and log onboarding.
• Proficiency with scripting languages such as Python, Bash, etc.
• Proficiency integrating systems via API and their respective authentication mechanisms.
• Strong understanding of networking fundamentals and troubleshooting techniques for bare metal and containerized workloads.
• Experience with best practice build pipelines, including Git/GitHub.

Requirements

• Experience with EDR tools, such as CrowdStrike Falcon and Sentinel One.
• Experience with SOAR playbook building and automation, such as Tracecat and Chronicle SecOps.
• Experience with Cribl Stream.
• Familiarity with Cloud Security Posture Management, such as Crowdstrike and Wiz.

Benefits

• 401(k)
• Health, Vision, and Dental Insurance
• Generous PTO Plan
• In-office meals provided
• 401(k) with Employer Contribution
• Health Savings Account (HSA) available with Employer Contribution
• Employer Paid Life, Short-term, and Long-term Disability Insurance
• Generous PTO Plan and 16 paid holidays per year