Tanium
ITSecurityEngineer
Neural analysis suggests this role is
optimal for Mid candidates.
“IT Security Engineer at Tanium. owning and operating our SOAR and SIEM platforms. driving endpoint security initiatives”
Industry & Context.
troubleshooting and analytical skills; solving the harder problems
What They're Looking For.
Must Have
Security Experience 3–5 years of experience in a security engineering, security operations, or detection engineering role, Experience securing AI/ML workloads or applying AI-assisted tooling to security operations (e. g. , LLM-driven triage, automated analysis, AI-augmented detection), Hands-on experience administering a SIEM platform (e. g. , Sentinel, Splunk, Elastic, Chronicle), Hands-on experience with a SOAR platform (e. g. , Cortex XSOAR, Splunk SOAR, Tines, Swimlane), Solid understanding of endpoint security concepts — EDR, host-based detection, OS-level telemetry, Understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise infrastructure, Experience operating in and managing cloud environments (AWS, Azure), Proficiency in scripting and automation (our stack is primarily Python, but equivalent experience is welcome), Experience with CI/CD concepts — pipelines, automated testing, and deployment workflows, Experience managing infrastructure as code (e. g. , Terraform)
Nice to Have
Experience with Tanium for endpoint management, visibility, or security modules, Experience with Azure Data Explorer (ADX) and Microsoft Sentinel, Experience writing detection logic (SPL, KQL, Sigma, or equivalent), Familiarity with detection engineering practices and frameworks such as MITRE ATT&CK, Experience with threat intelligence platforms and enrichment workflows, Cloud security monitoring experience (AWS, Azure, GCP), Experience supporting incident response in an engineering capacity — data gathering, log analysis, and providing technical context to responders
What You'll Do.
owning and operating our SOAR and SIEM platforms
driving endpoint security initiatives
building the automation and processes needed to detect
and remediate threats across the environment
Contribute to and maintain our in-house SOAR platform — develop automation playbooks
and accelerate incident response
Contribute to the aggressive adoption of AI tools within the Security team as well the protection of AI technologies across Tanium
Manage and optimize our SIEM environment — maintain data ingestion pipelines
ensure log source coverage meets security requirements
and partner with detection engineering on deployment and tuning
Support endpoint security tooling — deploy
and troubleshoot endpoint detection and response (EDR) solutions across the fleet
Review IT infrastructure changes for security implications
ensuring new configurations and deployments align with security standards and best practices
Partner with IT and infrastructure teams to onboard new log sources
and close visibility gaps
Contribute to incident response processes
including containment
and post-incident review
How You'll Work.
Team & Collaboration
collaborate with Security, IT, and Engineering teams; partner with detection engineering; Partner with IT and infrastructure teams
Full Job Description
The Basics The Security Engineer will collaborate with Security, IT, and Engineering teams to defend and strengthen our security operations posture. You will be an integral part of the IT Security Engineering Team, responsible for owning and operating our SOAR and SIEM platforms, driving endpoint security initiatives, and building the automation and processes needed to detect, respond to, and remediate threats across the environment. What you'll do Contribute to and maintain our in-house SOAR platform — develop automation playbooks, extend capabilities, and accelerate incident response Contribute to the aggressive adoption of AI tools within the Security team as well the protection of AI technologies across Tanium Manage and optimize our SIEM environment — maintain data ingestion pipelines, ensure log source coverage meets security requirements, and partner with detection engineering on deployment and tuning Support endpoint security tooling — deploy, configure, and troubleshoot endpoint detection and response (EDR) solutions across the fleet Review IT infrastructure changes for security implications, ensuring new configurations and deployments align with security standards and best practices Partner with IT and infrastructure teams to onboard new log sources, improve telemetry, and close visibility gaps Contribute to incident response processes, including containment, eradication, and post-incident review We're looking for someone with Security Experience 3–5 years of experience in a security engineering, security operations, or detection engineering role Experience securing AI/ML workloads or applying AI-assisted tooling to security operations (e.g., LLM-driven triage, automated analysis, AI-augmented detection) Hands-on experience administering a SIEM platform (e.g., Sentinel, Splunk, Elastic, Chronicle) Hands-on experience with a SOAR platform (e.g., Cortex XSOAR, Splunk SOAR, Tines, Swimlane) Solid understanding of endpoint security concepts — EDR, host-based d
Applying for this IT Security Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Greenhouse
- Create a Greenhouse profile before applying — it saves time across multiple applications.
- Upload your resume as a PDF; the parser handles it better than Word.
- Answer all knockout questions carefully — wrong answers auto-reject before a human sees you.
- Enable email notifications to track application status in real time.
ANONYMOUS · UNFILTERED
What do employees actually say about Tanium?
Real rants from real employees. Read before you apply.