SecurityOperationsEngineer

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry. This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us. THE ROLE You will partner with the security operations lead and broader security team to develop and mature security use cases that apply across the company’s environment and operations. Your mission is to build and refine the detections, policies, and response logic that enable the team to identify real attacks, misuse, intrusions, and data loss events with speed and confidence. This is not a passive monitoring role. You will be expected to understand how the business operates, how attackers move, where meaningful signals live, and how to translate that knowledge into durable security content and response workflows. Success in this role is measured not by alert volume, but by signal quality, attack reduction, faster containment, and continuous operational improvement. WHAT YOU’LL DO Design, implement, and maintain high-fidelity detections, correlation rules, alerts, dashboards, and use cases in Splunk and related security platforms. Build detections across multiple data domains, including identity, endpoint, network, cloud infrastructure, SaaS applications, DLP, vulnerability, and asset posture. Correlate signals from diverse tooling and data sources to identify attacker behavior, misuse, anomalous activity, and material security risk. Partner with business units, IT, engineering, and internal security stakeholders to map business processes and workloads to security use cases and required telemetry. Support and participate in incident triage, investigation, containment, and post-incident improvement activities. Develop enrichment and automation workflows using Python, APIs, and secur