# IT Security Engineer **Company**: Tanium **Location**: Durham, NC (Hybrid) **Work arrangement**: hybrid **Experience**: mid **Job type**: full-time **Salary**: $113,000 to $173,000 per year **Category**: IT **Industry**: Technology **Apply**: https://job-boards.greenhouse.io/tanium/jobs/7874958?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply **Canonical**: https://yubhub.co/jobs/job_e75d9bc6-a86 ## Description The IT Security Engineer will collaborate with Security, IT, and Engineering teams to defend and strengthen our security operations posture. You will be an integral part of the IT Security Engineering Team, responsible for owning and operating our SOAR and SIEM platforms, driving endpoint security initiatives, and building the automation and processes needed to detect, respond to, and remediate threats across the environment. Key responsibilities include: - Contributing to and maintaining our in-house SOAR platform , developing automation playbooks, extending capabilities, and accelerating incident response - Contributing to the aggressive adoption of AI tools within the Security team as well as the protection of AI technologies across Tanium - Managing and optimizing our SIEM environment , maintaining data ingestion pipelines, ensuring log source coverage meets security requirements, and partnering with detection engineering on deployment and tuning - Supporting endpoint security tooling , deploying, configuring, and troubleshooting endpoint detection and response (EDR) solutions across the fleet - Reviewing IT infrastructure changes for security implications, ensuring new configurations and deployments align with security standards and best practices - Partnering with IT and infrastructure teams to onboard new log sources, improve telemetry, and close visibility gaps - Contributing to incident response processes, including containment, eradication, and post-incident review We're looking for someone with: - 3–5 years of experience in a security engineering, security operations, or detection engineering role - Experience securing AI/ML workloads or applying AI-assisted tooling to security operations (e.g., LLM-driven triage, automated analysis, AI-augmented detection) - Hands-on experience administering a SIEM platform (e.g., Sentinel, Splunk, Elastic, Chronicle) - Hands-on experience with a SOAR platform (e.g., Cortex XSOAR, Splunk SOAR, Tines, Swimlane) - Solid understanding of endpoint security concepts , EDR, host-based detection, OS-level telemetry - Understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise infrastructure - Experience operating in and managing cloud environments (AWS, Azure) Engineering experience includes: - Proficiency in scripting and automation (our stack is primarily Python, but equivalent experience is welcome) - Experience with CI/CD concepts , pipelines, automated testing, and deployment workflows - Experience managing infrastructure as code (e.g., Terraform) - Strong troubleshooting and analytical skills Nice to have experience with: - Tanium for endpoint management, visibility, or security modules - Azure Data Explorer (ADX) and Microsoft Sentinel - Writing detection logic (SPL, KQL, Sigma, or equivalent) - Familiarity with detection engineering practices and frameworks such as MITRE ATT&CK - Experience with threat intelligence platforms and enrichment workflows - Cloud security monitoring experience (AWS, Azure, GCP) - Experience supporting incident response in an engineering capacity , data gathering, log analysis, and providing technical context to responders ## Skills ### Required - Security engineering - Security operations - Detection engineering - SIEM platform administration - SOAR platform administration - Endpoint security - Cloud security - Scripting and automation - CI/CD concepts - Infrastructure as code - Troubleshooting and analytical skills ### Nice to have - Tanium - Azure Data Explorer - Microsoft Sentinel - Detection logic - MITRE ATT&CK - Threat intelligence platforms - Cloud security monitoring --- Source: [Apply at job-boards.greenhouse.io](https://job-boards.greenhouse.io/tanium/jobs/7874958?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply)