Senior Security Operations Engineer

Summary

Join Axonius as a Senior Security Operations Engineer and play a key role in enhancing our cybersecurity program. Investigate security alerts, respond to incidents, and design threat detection and response strategies. Develop automation to prevent future incidents and improve security operations processes and tools. Provide security guidance to stakeholders and mentor junior team members. Leverage your expertise in security technologies, cloud infrastructure, and scripting to contribute to a dynamic and growing team. This role offers the opportunity to work remotely within the Eastern and Central Time Zones and directly impact all areas of the business.

Requirements

• Minimum of 5 years of hands-on experience shaping and operating a security operations function in a modern, cloud and SaaS-heavy environment
• Proven experience leading and managing security incidents from start to finish
• Proven experience with a broad range of security technologies
• Strong networking and systems knowledge, including a strong understanding of macOS, Windows, and Linux internals
• The ability to write scripts or software to automate security engineering tasks (Python-specific experience is a big plus)
• Cloud Infrastructure: Basic knowledge of cloud infrastructure engineering principles and experience with cloud platforms (AWS,GCP)
• Excellent organizational skills and strong ability to prioritize
• Strong written and verbal communication skills in English, especially in fast-moving, challenging situations

Responsibilities

• Investigate alerts and events that may have security implications
• Respond to and coordinate cross-team efforts during potential security incidents
• Design and implement threat detection, response, and hunting activities
• Develop automation to reduce the likelihood of future incidents
• Drive continuous improvement of security operations processes and tools, including tuning SIEM rules, enhancing SOAR playbooks, and optimizing incident response procedures
• Implement, improve, and maintain code-driven detection and response capabilities of our SIEM platform
• Advise internal stakeholders on security-related subjects, ranging from general OpSec to corporate application or infrastructure architecture
• Follow industry security trends, advisories, news, and general research, and advise stakeholders across the company on how to stay ahead of relevant security risks
• Provide mentorship and guidance to junior security team members

Preferred Qualifications

Infrastructure as Code (IaC): Familiarity with IaC tools; Terraform experience is a significant plus

Benefits

• Stock options
• Attractive benefits
• An annual bonus