Senior Engineer, Security Operations

  Who we are looking for: The Senior Operations Engineer is a critical role responsible for the overall security posture of ACV Auctions Threat landscape. Reporting directly to the Director of Cybersecurity Operations, this individual will own and mature the Security Operations program, integrating security practices throughout the environment. This position requires a self-motivated and highly organized engineer with excellent communication and technical skills.   Senior engineer is technical leader who sets technical direction for security operations engineering initiatives. Leads complex, high-impact projects and serves as the escalation point for difficult engineering challenges and opportunities. Drives innovation in security capabilities and represents engineering to the broader organization.     What you will do: Lead proactive, hypothesis-driven threat hunting across endpoint, cloud, and identity environments Develop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platforms Map adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverage Analyze threat intelligence and emerging attack patterns to strengthen defenses Lead and scale cybersecurity operations across enterprise or multi-tenant environments Oversee incident triage, investigation, containment, and remediation Act as escalation point for high-severity incidents Improve alert fidelity and reduce false positives through tuning and automation Mature the alert and incident management tracking systems Standardize workflows and playbooks to ensure operational consistency Design and implement incident response frameworks and playbooks Lead response efforts for advanced threats across environments supporting up to large user bases Conduct root cause analysis and post-incident reviews Automate response actions to reduce mean time to detect/respond (MTTD/MTTR) Secure multi-cloud environments (AWS, GCP) through posture management and configuration monitoring Detection of Zero Trust principles and violations across identity and access management systems Strengthen controls within platforms such as, CASB and DLP solutions Automate workflows and security operations processes for tracking the remediations actioned against the environment Integrate tooling and orchestrate response using SOAR or similar platforms Continuously improve detection capabilities and operational efficiency Deliver AI enabled automations and tooling for the ACV Security Operations Center Deliver executive-level reporting (MBRs/QBRs) on security posture, threats, and risk Translate technical findings into business-relevant insights to present to external stakeholders Collaborate cross-functionally with IT, engineering, and leadership teams Perform additional duties as assigned.    What you will need: 8+ years’ experience Minimum of a 4 year Bachelor’s degree Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls). Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments. Experience with Fintech companies is desirable. Experience with modern software development including Agentic and Generative AI techniques. Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework. Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders. Ability to work effectively in a remote environment and manage geographically dispersed teams. Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels. Knowledge of CASB, DLP and SASE technologies Proven ability to be agile and work effectively in a dynamic environment. Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations. Excellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environment. Should be a creative and analytical problem solver with a passion to provide excellent customer service. Practical hands-on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms. Linux and Kubernetes/Container management and security DevOps code based implementation and management Knowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security Center Understanding of TCP/IP Networking including knowledge of Protocols and Services Understanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised. Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business.#LI-AM3