Senior Security Engineer
Job Description
Take ownership in designing and continuously improving the security tooling ecosystem, which underpins a modern, detection-first Security Operations Center (SOC). Engineer, deploy, and maintain core SOC platforms, including Malware analysis and sandboxing solutions, Analyst workstation environments (Windows investigation VMs), Endpoint Detection & Response (EDR/XDR), Email Security Engineering, Vulnerability Scan Engineering. Function as the technical owner for SOC platforms, including alignment with architecture requirements, lifecycle management, upgrades, and decommissioning. Ensure SOC platforms are engineered for scale, reliability, performance, and forensic integrity. Take ownership in EDR platform engineering, configuration, and operational health across the enterprise. Define and enforce EDR hygiene standards (sensor coverage, policy consistency, versioning, asset attribution). Track EDR health metrics and proactively remediate gaps impacting detection or response efficacy. Develop testing frameworks to validate EDR detections, policies, and response actions. Serve as a technical owner of detection engineering, enabling high-fidelity detections through better tooling, telemetry, and data quality. Engineer and maintain malware detonation and analysis environments that support safe, repeatable analysis. Assess new attacker techniques, malware families, and evasion tactics for detection and prevention opportunities across the enterprise.
Qualifications
1. Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent practical experience
2. 5-10+ years of experience in security engineering, detection engineering, or advanced SOC technical roles
3. Deep hands-on experience with EDR/XDR platforms (e.g., CrowdStrike, Defender, SentinelOne)
4. Experience engineering SOC platforms rather than only consuming alerts (platform ownership mindset)
5. Strong understanding of Windows internals, Linux operating systems, and server infrastructure, including endpoint and host-level telemetry, process execution, persistence mechanisms, and administrative activity across workstation and server environments
6. Experience supporting malware analysis and sandboxing environments
7. Familiarity with SOC workflows, detection pipelines, and incident response requirements
8. Strong scripting and automation skills (PowerShell, Python)
9. Solid grasp of attacker TTPs mapped to the MITRE ATT&CK framework
Benefits
- Paid vacation time
- Paid sick leave
- Medical/dental/vision insurance
- Life, accident and disability insurance
- Tax-advantaged flexible spending and health savings accounts
- Employee assistance program
- Other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity
- Tuition reimbursement
- Transit
- Employee stock purchase plan
- Sandisk's Savings 401(k) Plan
