🛠 Tech Stack

💼 About This Role

You'll triage and investigate security incidents across SIEM, EDR, and cloud telemetry as part of a threat management team at a leading automation company. Your work directly improves detection and response in both commercial and FedRAMP Moderate environments. You'll contribute to automation and detection engineering while growing under senior mentorship.

🎯 What You'll Do

• Triage and investigate security incidents across multiple telemetry sources
• Contribute to root cause analysis and improve detection content
• Participate in proactive threat hunting and maintain IR playbooks
• Follow strict FedRAMP procedures for incident response and reporting

📋 Requirements

• Minimum 1 year of experience in Security Operations
• Hands-on exposure to at least one major SIEM (Sentinel, Splunk, Chronicle, Elastic)
• Hands-on exposure to at least one EDR (Defender XDR, CrowdStrike, SentinelOne)
• US citizen or lawful permanent resident (green card holder)
• Ability to work from Bellevue, WA office min 3 days/week

✨ Nice to Have

• Exposure to cloud incidents (Azure/AWS/GCP)
• Familiarity with NIST SP 800-53 and NIST SP 800-61

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 💰 Competitive salary
• 📈 Stock options
• 🏋️ Wellness programs
• 🏠 Remote flexibility

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Phone Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min