Role Overview
We are looking for a Security Engineer II to work as a technical leader within our Security Operations function. This role reports directly to our Chief Security Officer.
This is a highly hands-on role that blends advanced detection engineering, security automation, and incident response leadership. You will design and build high-fidelity detections, develop custom security tooling, integrate our security stack, and elevate the technical maturity of the SOC.
This is not a people management role — it is an individual contributor position with strong technical influence across the security organization.
What You’ll Do
Detection Engineering
- Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments
- Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms
- Participate in SOC on-call rotation and serve as escalation point for high-severity incidents.
- Lead complex investigations across endpoint, cloud, SaaS, and identity environments.
- Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation.
- Conduct proactive threat hunting to identify gaps in detection coverage.
- Drive continuous improvement of playbooks, runbooks, and case management standards.
- Partner with analysts to improve alert quality, reduce false positives, and elevate overall SOC effectiveness.
Security Engineering & Automation
- Build custom security tooling to improve alert enrichment, investigation, and response
- Develop integrations between security tools and internal systems via APIs
- Automate repetitive investigative workflows and containment actions
- Improve signal quality and reduce false positives across the stack
- Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments
Incident Response
- Serve as the technical escalation point for high-severity incidents
- Lead complex investigations and root cause analysis
- Improve and mature incident response playbooks and processes
- Conduct post-incident analysis and drive systemic improvements
Technical Leadership
- Raise the technical bar within the SOC through mentorship and code/detection review
- Establish standards for detection quality and investigation rigor
- Partner closely with AppSec, Infrastructure Security, IT, and Engineering
- Help shape the SOC and detection engineering roadmap
Qualifications
Required
- 5–7+ years of experience in security engineering, detection engineering, or security operations
- Strong experience with SIEM platforms
- Experience with EDR platforms
- Strong scripting skills (Python, Bash, or similar)
- Experience working in AWS or similar cloud environments
- Experience leading complex incident investigations
Preferred
- Experience building internal security tools
- Detection-as-code or infrastructure-as-code experience
- Experience integrating tools via APIs
- Experience mentoring junior analysts or engineers
- Familiarity with SaaS security and identity-based attack patterns
Why you’ll love working here:
- Podium is the best place to work to:
- Join the leaders in AI agents
- Unlock career-defining growth
- Build with world-class talent
- Make a real impact on local business
Benefits:
- Open and transparent culture
- Life insurance, long and short-term disability coverage
- Paid maternity and paternity leave
- Fertility Benefits
- Generous vacation time, plus three 4-day summer holiday weekends
- Excellent medical, dental, and vision benefits
- 401k Plan with company matching
- Bi-annual swag drops with cool Podium gear and apparel
- A stellar HQ (Utah) gym with local professional coaches and classes offered
- Onsite HQ (Utah) child care center, subsidized for employees
