Jobs · Engineering · California

Software Engineer - SOC

Poshmark · California, United States · 1 mo ago
HybridEngineeringFull-time

Responsibilities

  • Maintain, analyze, and triage security events and alerts across distributed systems to identify potential incidents and anomalous behavior.
  • Lead end-to-end incident response, including investigation, containment, eradication, and recovery, with an emphasis on scalable and repeatable processes.
  • Perform deep-dive root cause analysis of sophisticated attacks spanning infrastructure, network, and application layers, including code-level vulnerabilities.
  • Design, build, and maintain automation frameworks to improve detection and response efficiency (e.g., auto-remediation, alert enrichment pipelines).
  • Create and continuously improve incident response playbooks as modular, reusable, and programmatic workflows.
  • Fine-tune alerting systems to reduce noise and false positives through data analysis, feedback loops, and algorithmic improvements.
  • Collaborate closely with SRE, DevOps, IT and engineering teams to remediate vulnerabilities and improve system security and reliability.
  • Engineer and enhance SIEM capabilities, including log ingestion pipelines, normalization, correlation rules, and integrations.
  • Implement and scale security monitoring solutions across cloud-native and distributed environments.
  • Conduct proactive threat hunting using data-driven and hypothesis-based approaches.
  • Enrich and correlate telemetry using IOCs, threat intelligence feeds, and custom-built data pipelines.
  • Contribute to SOC tooling and internal platforms by writing clean, maintainable, and efficient code.
  • Participate in architecture and design discussions to embed security into systems from the ground up.
  • Drive and contribute to broader security engineering and SOC modernization projects.

Requirements

  • 2–4 years of experience in information security, security engineering, or a related field.
  • Hands-on experience with SIEM platforms, EDR tools, IDS/IPS, firewalls, and vulnerability management systems.
  • Experience with incident response and security investigations.
  • Strong understanding of cloud environments (AWS, GCP, or Azure) and associated security considerations.
  • Proficiency in at least one programming or scripting language (e.g., Python, Bash, or Go) with the ability to build automation and tooling.
  • Understanding of software engineering fundamentals (data structures, APIs, version control, testing).

Qualifications

  • Minimum qualifications: Hands-on experience with SIEM platforms, EDR tools, IDS/IPS, firewalls, and vulnerability management systems; proficiency in at least one programming or scripting language; understanding of software engineering fundamentals.
  • Preferred qualifications: Experience in Incident Response, Malware Analysis, and Threat Hunting; background in SOC, or SecDevOps practices; experience building or maintaining internal security tools or platforms; knowledge of distributed systems and observability; familiarity with CI/CD pipelines and infrastructure-as-code; relevant certifications (e.g., GCIA or similar).

Similar jobs

SOC Engineer

Mercury InsuranceUnited States· 3 wk ago
RemoteEngineering$84k–$162k/yrapply on careers-mercuryinsurance.icims.com

SOC Engineer

TENEX.AIUnited States· 4 days ago
RemoteEngineeringapply on tenex.ai

SOC Engineer

TENEX.AISarasota, FL· 3 wk ago
Engineeringapply on tenex.ai

SOC Engineer

Lanco Group of CompaniesHomewood, IL· 2 mo ago
Engineering$90k–$115k/yrapply on recruiting.ultipro.com

SoC Design Engineer

IntelAustin, TX· 3 days ago
Information Technology$122k–$232k/yrapply on intel.wd1.myworkdayjobs.com