Security Engineer II at AvidXchange enhancing security operations and incident response. Collaborating with teams to develop, tune and improve security monitoring and automation capabilities.
Responsibilities
Develop, tune, and maintain SIEM detections, SOAR automations, processes, and playbooks to improve detection accuracy and response efficiency.
Monitor, analyze, and triage security alerts, logs, and telemetry to identify threats, suspicious activity, and opportunities for improved visibility.
Partner with teams across the organization to support incident response, including investigation, containment, remediation, and post-incident reviews.
Continuously refine alerting logic to reduce false positives and improve the signal-to-noise ratio across security tools and platforms.
Collaborate with engineering and operations teams to ensure logging, monitoring, and security controls are properly implemented and aligned with best practices.
Evaluate and optimize security technologies to improve automation, detection coverage, and operational efficiency.
Contribute to threat modeling and detection engineering efforts by researching emerging threats, attacker techniques, and relevant security trends.
Assist with compliance, audit, and risk assessment activities by providing evidence, documentation, and remediation guidance.
Maintain and update security documentation, including operational procedures, architecture diagrams, and response playbooks.
Participate in the on-call rotation to provide timely incident response, including triage, investigation, containment, and escalation of security events.
Requirements
3+ years of experience in security operations, detection engineering, cybersecurity engineering, or a related technical discipline.
Hands-on experience with SIEM/SOAR platforms, including alert creation, tuning, automation workflows, and log onboarding.
Strong understanding of security monitoring concepts, attacker TTPs, and frameworks such as MITRE ATT&CK.
Experience with cloud environments (Azure, AWS, or GCP) and cloud native logging, monitoring, and security controls.
Proficiency with scripting or programming languages (YARA-L, Python, PowerShell, etc.) for automation, data analysis, and tool integration.
Familiarity with incident response processes, vulnerability management, and security architecture fundamentals.
Security certifications such as CySA+, GSEC, GCIA, GMON, CEH, CCSP, or CISSP are strongly preferred.
Experience working in agile, DevSecOps, or high-velocity operational environments.
Benefits
18 days PTO*
11 Holidays (8 company recognized & 3 floating holidays)
16 hours per year of paid Volunteer Time Off (VTO)
Competitive Healthcare
401(k) Match: 100% match on the first 3% of your salary, plus 50% match on the next 2%
Parental Leave: 8 weeks 100% paid by AvidXchange**
Discounts on Pet, Home, and Auto insurance
Free parking
Tuition Reimbursement up to the federal maximum of $5,250***