Threat Detection Engineer - Security Operations - ID.me
Remote | Systems Engineer
Design and operate advanced threat detection solutions, leveraging SIEM platforms, cloud services, and automation to protect large‑scale digital identity infrastructure.
About the role
Key Responsibilities
- Develop, tune, and maintain detection rules and analytics in Splunk and other SIEM tools to identify malicious activity across cloud and on-premises environments.
- Automate threat investigation workflows using Python scripts and AWS services, reducing mean time to detect and respond.
- Conduct proactive threat hunting, threat modeling, and adversary emulation to uncover hidden risks.
- Collaborate with incident response and engineering teams to triage alerts, perform root‑cause analysis, and implement remediation actions.
- Produce clear, actionable reports and dashboards for security leadership and compliance stakeholders.
Requirements
- 3+ years of experience in security operations, threat detection, or SOC engineering.
- Strong proficiency in Python for automation and data analysis.
- Hands‑on experience with Splunk (or comparable SIEM) and AWS security services.
- Demonstrated ability to perform threat hunting and incident response, and to develop detection logic.
- Solid understanding of cloud security concepts, networking, and common attack vectors.