Security Engineer II (Detection & SOC Engineering)

Role Overview

We are looking for a Security Engineer II to work as a technical leader within our Security Operations function. This role reports directly to our Chief Security Officer.

This is a highly hands-on role that blends advanced detection engineering, security automation, and incident response leadership. You will design and build high-fidelity detections, develop custom security tooling, integrate our security stack, and elevate the technical maturity of the SOC.

This is not a people management role — it is an individual contributor position with strong technical influence across the security organization.

What You’ll Do

Detection Engineering

• Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments
• Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms
• Participate in SOC on-call rotation and serve as escalation point for high-severity incidents.
• Lead complex investigations across endpoint, cloud, SaaS, and identity environments.
• Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation.
• Conduct proactive threat hunting to identify gaps in detection coverage.
• Drive continuous improvement of playbooks, runbooks, and case management standards.
• Partner with analysts to improve alert quality, reduce false positives, and elevate overall SOC effectiveness.
  
  

Security Engineering & Automation

• Build custom security tooling to improve alert enrichment, investigation, and response
• Develop integrations between security tools and internal systems via APIs
• Automate repetitive investigative workflows and containment actions
• Improve signal quality and reduce false positives across the stack
• Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments
  
  

Incident Response

• Serve as the technical escalation point for high-severity incidents
• Lead complex investigations and root cause analysis
• Improve and mature incident response playbooks and processes
• Conduct post-incident analysis and drive systemic improvements

Technical Leadership

• Raise the technical bar within the SOC through mentorship and code/detection review
• Establish standards for detection quality and investigation rigor
• Partner closely with AppSec, Infrastructure Security, IT, and Engineering
• Help shape the SOC and detection engineering roadmap

Qualifications

Required

• 5–7+ years of experience in security engineering, detection engineering, or security operations
• Strong experience with SIEM platforms 
• Experience with EDR platforms 
• Strong scripting skills (Python, Bash, or similar)
• Experience working in AWS or similar cloud environments
• Experience leading complex incident investigations
  
  

Preferred

• Experience building internal security tools
• Detection-as-code or infrastructure-as-code experience
• Experience integrating tools via APIs
• Experience mentoring junior analysts or engineers
• Familiarity with SaaS security and identity-based attack patterns
  
  

Why you’ll love working here: 

• Podium is the best place to work to:
• Join the leaders in AI agents
• Unlock career-defining growth
• Build with world-class talent
• Make a real impact on local business

Benefits:

• Open and transparent culture 
• Life insurance, long and short-term disability coverage
• Paid maternity and paternity leave
• Fertility Benefits
• Generous vacation time, plus three 4-day summer holiday weekends
• Excellent medical, dental, and vision benefits
• 401k Plan with company matching
• Bi-annual swag drops with cool Podium gear and apparel 
• A stellar HQ (Utah) gym with local professional coaches and classes offered
• Onsite HQ (Utah) child care center, subsidized for employees