🛠 Tech Stack

💼 About This Role

You'll own the operational health and continuous improvement of Aurora's enterprise security platform stack, including EDR/XDR, SIEM, and IAM. Your core impact will be reducing noise while ensuring high-fidelity threat coverage, acting as the deepest internal expert on security tooling. This role is for an elite security operator who finds deep satisfaction in mastering a tool and closing coverage gaps.

🎯 What You'll Do

• Own operational health and configuration of enterprise security platform stack.
• Develop detection rules, correlation logic, and alert policies.
• Conduct proactive threat hunting across security telemetry.
• Serve as deep internal expert and escalation point for platform issues.
• Participate in on-call rotation and lead incident investigations.

📋 Requirements

• 12+ years of hands-on experience in security operations or SOC engineering.
• Expert-level proficiency in at least two enterprise security platforms (e.g., CrowdStrike, Splunk, Okta).
• Demonstrated ability to tune and optimize security platforms beyond default configurations.
• Strong log analysis and threat hunting skills with ability to write queries.
• Experience conducting incident investigations including triage, containment, and RCA.

✨ Nice to Have

• Scripting ability in Python or Bash for automation.
• Deep familiarity with MITRE ATT&CK for detection gap analysis.
• Experience with AWS security telemetry (CloudTrail, GuardDuty).

🎁 Benefits & Perks

• 💰 Annual bonus
• 📈 Equity compensation
• 🏥 Comprehensive benefits

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager· 45 min
4. 4On-site/Team· Half day