Security Engineer II (Detection & SOC Engineering)

Role Overview

We are looking for a Security Engineer II to work as a technical leader within our Security Operations function. This role reports directly to our Chief Security Officer.

This is a highly hands-on role that blends advanced detection engineering, security automation, and incident response leadership. You will design and build high-fidelity detections, develop custom security tooling, integrate our security stack, and elevate the technical maturity of the SOC.

This is not a people management role - it is an individual contributor position with strong technical influence across the security organization.

What You'll Do

Detection Engineering

• Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments
• Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms
• Participate in SOC on-call rotation and serve as escalation point for high-severity incidents.
• Lead complex investigations across endpoint, cloud, SaaS, and identity environments.
• Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation.
• Conduct proactive threat hunting to identify gaps in detection coverage.
• Drive continuous improvement of playbooks, runbooks, and case management standards.
• Partner with analysts to improve alert quality, reduce false positives, and elevate overall SOC effectiveness.

Security Engineering & Automation

• Build custom security tooling to improve alert enrichment, investigation, and response
• Develop integrations between security tools and internal systems via APIs
• Automate repetitive investigative workflows and containment actions
• Improve signal quality and reduce false positives across the stack
• Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments

Incident Response

• Serve as the technical escalation point for high-severity incidents
• Lead complex investigations and root cause analysis
• Improve and mature incident response playbooks and processes
• Conduct post-incident analysis and drive systemic improvements

Technical Leadership

• Raise the technical bar within the SOC through mentorship and code/detection review
• Establish standards for detection quality and investigation rigor
• Partner closely with AppSec, Infrastructure Security, IT, and Engineering
• Help shape the SOC and detection engineering roadmap

Qualifications

Required

• 5-7+ years of experience in security engineering, detection engineering, or security operations
• Strong experience with SIEM platforms
• Experience with EDR platforms
• Strong scripting skills (Python, Bash, or similar)
• Experience working in AWS or similar cloud environments
• Experience leading complex incident investigations

Preferred

• Experience building internal security tools
• Detection-as-code or infrastructure-as-code experience
• Experience integrating tools via APIs
• Experience mentoring junior analysts or engineers
• Familiarity with SaaS security and identity-based attack patterns

Why you'll love working here:

• Podium is the best place to work to:
• Join the leaders in AI agents
• Unlock career-defining growth
• Build with world-class talent
• Make a real impact on local business

Benefits:

• Open and transparent culture
• Life insurance, long and short-term disability coverage
• Paid maternity and paternity leave
• Fertility Benefits
• Generous vacation time, plus three 4-day summer holiday weekends
• Excellent medical, dental, and vision benefits
• 401k Plan with company matching
• Bi-annual swag drops with cool Podium gear and apparel
• A stellar HQ (Utah) gym with local professional coaches and classes offered
• Onsite HQ (Utah) child care center, subsidized for employees

Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.