Security Operations Engineer
| Field | Value |
|---|---|
| Company | Versa Networks |
| Location | Santa Clara, CA, USA |
| Salary | $135000 – $200000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 5+ years of experience in a security operations, SOC, or incident response role.
- Hands-on experience with endpoint protection and EDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Carbon Black).
- Proficiency in managing endpoint agents, tuning detection logic, and interpreting endpoint telemetry.
- Experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, Elastic) and integrating endpoint data.
- Strong understanding of networking fundamentals, operating systems (Linux/Windows), and system logs.
- Knowledge of common attack vectors, malware behavior, and the MITRE ATT&CK framework.
Responsibilities
- Monitor and analyze security alerts from SIEM, EDR, and endpoint protection platforms.
- Manage and support endpoint detection and response (EDR) solutions, including deployment, tuning, and maintenance.
- Investigate, triage, and respond to security incidents and vulnerabilities, especially those originating at the endpoint level.
- Build and fine-tune detection rules, alerts, and automated response playbooks for endpoint threats.
- Conduct threat hunting activities using EDR data and behavioral analytics.
- Collaborate with engineering and IT teams to remediate findings and harden endpoint configurations.
- Maintain and improve security monitoring infrastructure (SIEM, EDR, log sources, integrations).
- Support the development and execution of incident response plans and tabletop exercises.
- Document findings, incidents, and response actions clearly and thoroughly.
- Stay current with emerging threats, tactics, techniques, and procedures (TTPs), especially those targeting endpoints.
Preferred Qualifications
- Familiarity with scripting or automation (Python, PowerShell, Bash, etc.) is a plus.
- Security certifications such as Security+, GCIH, GCIA, CEH, or similar are a plus.
- Experience with cloud environments (AWS, Azure, GCP) and cloud-native endpoint security tools.
- Exposure to DevSecOps practices and CI/CD pipeline security.
- Participation in threat intelligence communities or CTFs.