Location: Remote (USA)
Experience Level:
Junior to Mid-level
About the Role
We are looking for an IT Security Engineer to own security operations across our entire technology environment — on-premises infrastructure, multi-cloud (AWS, Azure, GCP), Microsoft 365, and SaaS platforms including Atlassian. This role is the primary owner of our EDR and SIEM platforms, leads our SOC 2 Type II compliance program from an operational standpoint, and serves as our first responder for security incidents. We are looking for someone with genuine hands-on experience operating security tooling in a production environment — not just policy writing or audit coordination, but actual detection engineering, alert triage, and incident response.
Responsibilities
Responsibilities will include but not be limited to:
- Own deployment, configuration, and ongoing tuning of our EDR platform (CrowdStrike, SentinelOne, or similar) across all managed endpoints and servers
- Own our SIEM platform: manage log source ingestion (firewall, cloud audit logs, M365, endpoint), develop and maintain detection rules, investigate alerts, and reduce false positive noise
- Lead SOC 2 Type II compliance operations: maintain control evidence, coordinate with external auditors, manage findings remediation, and own the security policy library
- Conduct and manage vulnerability scanning across on-premises and cloud environments; prioritize and track remediation with infrastructure and cloud owners
- Own the incident response process: maintain the IR plan, lead investigations, coordinate containment and remediation, and produce post-incident reports
- Perform periodic access reviews across all platforms (M365, Atlassian, AWS/Azure/GCP, SaaS) as required by SOC 2 access control requirements
- Respond to customer security questionnaires and vendor security review requests in partnership with the IT Director
- Partner with the Systems Administrator on endpoint compliance status and offboarding verification
- Partner with the Cloud Engineer on cloud security posture findings and log pipeline configuration
- Monitor and audit Tailscale access logs and ACL policies; ensure network access adheres to least-privilege principles and incorporate Tailscale activity into SIEM detection coverage
Required Qualifications
- 4+ years of experience in security operations, security engineering, or a closely related role
- Hands-on experience operating an EDR platform in a production environment (deployment, policy tuning, alert triage)
- Hands-on experience with a SIEM platform (Splunk, Elastic/OpenSearch, Microsoft Sentinel, or similar) including log ingestion, detection rule development, and alert investigation
- Working knowledge of SOC 2 Type II requirements and control frameworks; experience participating in or leading an audit cycle
- Understanding of cloud security concepts across at least one major cloud provider (AWS, Azure, or GCP)
- Familiarity with Microsoft 365 security features (Defender for Endpoint, Conditional Access, audit logging)
- Experience conducting vulnerability assessments and managing remediation workflows
- Strong written communication skills; ability to write clear incident reports, security policies, and audit evidence
Nice to Have
- CISSP, CISM, Security+, or equivalent certification
- Experience with threat hunting or proactive detection engineering
- Familiarity with MITRE ATT&CK framework as applied to detection development
- Experience with identity governance tooling (Okta, Entra ID / Azure AD)
- Prior experience at a software company or in a similarly multi-platform environment
Compensation
Compensation may vary based on location, experience, and skills. We are open to discussing total compensation including benefits, equity, and professional development budget.
Volexity values diversity and is an equal opportunity employer. All employment is decided on the basis of qualifications, merit, and business need.