Offer summary

Qualifications:

5+ years in Security Operations, including 2 years in a senior/lead capacity., Experience deploying and tuning a SIEM for multiple endpoints or a multi-SaaS environment., Strong knowledge of cloud services and IAM, particularly with Okta or similar., Scripting skills in Linux, Python, or PowerShell; senior security credentials are a plus..

Key responsibilities:

Design and manage the SIEM/SOAR pipeline and create detections across applications.

Deploy and manage security tools like Zscaler, Intune, and EDR/AV while enforcing IAM policies.

Run vulnerability scans, remediate findings, and maintain asset and risk registers.

Automate workflows and conduct purple-team exercises to enhance security posture.

Job description

Senior Security Operations Engineer

Full-time | Remote (U.S. time zones)

Target salary: $100K – $150K (location & experience adjusted)

About the role

Your role will be to safeguard the ARIVE mortgage-tech platform used by thousands of brokers that is growing every month. You will own our 24 × 7 cyber detection stack, automate response playbooks, and harden SaaS, cloud and endpoint surfaces as we scale.

Key Duties

Detect & Respond – Design and run the SIEM/SOAR pipeline, create & tune detections across applications, drive MTTD/MTTR down, command incidents through post-mortem.
Hardening & Engineering – Deploy/manage Zscaler, Intune, Kandji, EDR/AV, Google Workspace DLP; build IaC guardrails in AWS; enforce IAM in Okta IE/Auth0 for all business applications.
Vulnerability & Risk – Run scans and remediate scan findings, maintain asset & risk registers, stay SOC 2 Type II-ready.
Automation & Purple Teaming – Script SOAR workflows (Python / PowerShell / Bash), run purple-team or tabletop exercises, and gate code via GitHub Advanced Security/Wiz.io Defend.

Prior hands-on duties we’d like to see

5+ years in Security Operations, including 2 years in a senior/lead capacity.
Deployed & tuned a SIEM for a large number of endpoints or a multi-SaaS estate.
Built or maintained SOAR playbooks in XSOAR, Splunk SOAR, Tines or similar.
Strong cloud and IAM Chops. Administered Okta (or simila Azure AD) for enterprise users (MFA, SCIM, SSO).
Led at least one Sev-1/Sev-2 incident through root cause and written post-mortem.
Acted as security-ops point person during a SOC 2, ISO 27001 or comparable audit.
Scripting ability (Linux, Python or PowerShell).
Any senior credentials (CISSP, GCIA, GCIH, OSCP, or similar) are plus. Bonus points for secure SDLC experience.

Benefits:

Competitive salary and performance-based bonuses
Comprehensive health, dental, and vision insurance; 401K match
Remote work flexibility
Opportunities for professional growth and development
A supportive and inclusive company culture

Note: ARIVE is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Required profile