Apollo.io

Security Operations Engineer

full-time

Posted on:

Location Type: Remote

Location: Poland

About the role

  • Monitor, triage, and investigate security alerts and events across cloud infrastructure, SaaS applications, and corporate systems.
  • Conduct end-to-end security investigations, including scoping, containment, eradication, recovery, and documentation.
  • Own investigations independently while collaborating effectively during high-severity incidents.
  • Configure and maintain SIEM detections in Panther, including use cases, correlation rules, alert logic, and tuning.
  • Onboard, validate, and maintain log sources to ensure visibility, accuracy, and reliability.
  • Design and improve investigation and response workflows to streamline triage, escalation, and resolution.
  • Leverage AI-assisted tools to accelerate alert analysis, enrichment, and investigation efficiency.
  • Perform proactive threat-hunting activities to identify malicious or anomalous behavior not surfaced by existing detections.
  • Investigate abuse, fraud, account compromise, and automation misuse scenarios in close collaboration with Fraud teams.
  • Identify detection gaps and propose, implement, and validate improvements.
  • Build scripts, automations, and tools to reduce manual work and improve response speed and consistency.
  • Use Python extensively for analysis, automation, and internal tooling; Ruby experience is a plus.
  • Produce clear, high-quality documentation for incidents, investigations, and post-incident reviews.
  • Share knowledge, review peer work, and mentor other engineers.

Requirements

  • 5+ years of experience in Security Operations, Incident Response, or Security Engineering.
  • Hands-on experience with SIEM platforms (experience with Panther is highly valued), log analysis, and detection engineering.
  • Experience investigating security incidents in cloud-native environments (GCP preferred; AWS and Azure also relevant) and SaaS applications.
  • Experience automating security workflows and investigations.
  • Proficiency in Python; familiarity with Ruby preferred.
  • Ability to operate independently, prioritize effectively, and make sound technical decisions under pressure.

Benefits

  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Remote work options

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
security investigations, incident response, detection engineering, log analysis, automation, Python, Ruby, threat hunting, SIEM, cloud security

Soft skills
collaboration, independence, prioritization, technical decision-making, documentation, mentoring, communication, problem-solving, attention to detail, workflow design