Security Operations Engineer

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry. This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us. THE ROLE As a Security Operations Engineer in the Global Information Security Office (GISO), you will lead the mission to reduce our global attack surface across cloud, endpoint, and SaaS environments. You will report to the Senior Security Operations Manager and work closely with Cloud Platform, Network Engineering, and DevOps teams to connect Zero Trust connectivity and vulnerability management into a coherent program. This role differentiates itself by moving beyond simple task execution to architecting automated, risk-based outcomes that enable the business to scale safely while protecting our most critical assets. WHAT YOU’LL DO Own the Vulnerability Asset Lifecycle: Drive risk-based remediation across cloud, container, and endpoint environments. You will shift the needle from volume-based reporting to exploitability-led prioritization (EPSS), utilizing asset intelligence to ensure remediation meets SLAs that tangibly reduce organizational risk. Engineer Zero Trust Connectivity: Lead the operational excellence of Zscaler (ZIA/ZPA). You will manage complex SSL/TLS inspection strategies and policy enforcement to provide seamless, secure access while maintaining deep visibility into encrypted traffic flows. Eliminate Credential Secret Risk: Act as the primary architect for secrets detection within CI/CD pipelines . You will partner with DevOps to automate the identification and remediation of exposed credentials, moving security "left" from code to cloud. Architect Detection, Deception, Automation: Build advanced detection queries in Splunk and deploy enterprise-wide deception strategies aligned with the MITRE ATTCK framework. You will automate manual triage via Python or SOAR workflows to turn raw security data into high-fidelity alerts. Validate Simulate Defenses: Execute targeted adversary simulations and controls validation (e.g., Atomic Red Team) to verify that detections perform as expected, providing risk-rated findings to technical leaders. Translate Risk for Stakeholders: Serve as the technical authority who can pivot from deep-packet inspection troubleshooting to delivering " Fix Impact Reports" for executive leadership, quantifying how remediation efforts have eliminated critical threats. WHAT YOU BRING Security Engineering Vulnerability Mastery: You possess deep experience in security operations and vulnerability management within enterprise environments, including hands-on experience with asset discovery and secrets detection tools such as runZero, TruffleHog, or GitLeaks. Zero Trust Cloud Specialization: You have technical depth in configuring and operating Zero Trust platforms—specifically Zscaler ZIA/ZPA (including SSL inspection design and policy tuning)—and experience securing major cloud providers like AWS, GCP, or Azure. Analytical Automation DevSecOps: You are proficient in SIEM detection engineering (Splunk) and scripting (Python, PowerShell, or Bash), with a proven ability to integrate secrets scanning and automated remediation workflows directly into CI/CD pipelines. Offensive Security Strategic Communication: You bring practical experience with threat emulation and deception technologies mapped to MITRE ATTCK, coupled with the ability to partner with engineering teams to prioritize remediation and translate technical risk into business-relevant language. We are primarily an in-office environment. You will be expected to work from our Santa Clara, CA or Lehi, UT office in compliance with company policies, unless on approved PTO, work travel, or other leave. Salary ranges are determined b ... (truncated, view full listing at source)