
Security Engineer II – Security Operations
AvidXchange, Inc.
full-time
Location Type: Remote
Location: North Carolina • United States
About the role
- Develop, tune, and maintain SIEM detections, SOAR automations, processes, and playbooks to improve detection accuracy and response efficiency.
- Monitor, analyze, and triage security alerts, logs, and telemetry to identify threats, suspicious activity, and opportunities for improved visibility.
- Partner with diverse teams to support incident response, including investigation, containment, remediation, and post-incident reviews.
- Continuously refine alerting logic to reduce false positives and enhance signal-to-noise ratio across security tools and platforms.
- Collaborate with engineering and operations teams to ensure logging, monitoring, and security controls are properly implemented and aligned with best practices.
- Evaluate and optimize security technologies to improve automation, detection coverage, and operational efficiency.
- Contribute to threat modeling and detection engineering efforts by researching emerging threats, attacker techniques, and relevant security trends.
- Assist with compliance, audit, and risk assessment activities by providing evidence, documentation, and remediation guidance.
- Maintain and update security documentation, including operational procedures, architecture diagrams, and response playbooks.
- Participate in the on-call rotation to provide timely incident response, including triage, investigation, containment, and escalation of security events, while ensuring clear communication and thorough documentation throughout the response lifecycle.
Requirements
- 3+ years of experience in security operations, detection engineering, cybersecurity engineering, or a related technical discipline.
- Hands‑on experience with SIEM/SOAR platforms, including alert creation, tuning, automation workflows, and log onboarding.
- Strong understanding of security monitoring concepts, attacker TTPs, and frameworks such as MITRE ATT&CK.
- Experience with cloud environments (Azure, AWS, or GCP) and cloud-native logging, monitoring, and security controls.
- Proficiency with scripting or programming languages (YARA-L, Python, PowerShell, etc.) for automation, data analysis, and tool integration.
- Familiarity with incident response processes, vulnerability management, and security architecture fundamentals.
- Strong communication and collaboration skills, with the ability to work effectively across technical and business teams.
- Security certifications such as CySA+, GSEC, GCIA, GMON, CEH, CCSP, or CISSP are strongly preferred.
- Experience working in agile, DevSecOps, or high-velocity operational environments.
- A proactive, analytical mindset with the ability to identify gaps, propose improvements, and drive operational excellence.
Benefits
- 18 days PTO*
- 11 Holidays (8 company recognized & 3 floating holidays)
- 16 hours per year of paid Volunteer Time Off (VTO)
- Competitive Healthcare
- 401(k) Match: 100% match on the first 3% of your salary, plus 50% match on the next 2%
- Parental Leave: 8 weeks 100% paid by AvidXchange**
- Discounts on Pet, Home, and Auto insurance
- WeeCare Childcare Service: helps teammates find affordable daycare, childcare, and tutors 40% less expensive than traditional daycare centers
- Perks at Work: free discount program that provides teammates the opportunity to save on items from electronics, movie tickets, car buying, vacations, and more
- Onsite gym fitness center, yoga studio, and basketball court
- Tuition Reimbursement up to the federal maximum of $5,250***
- Hybrid Workplace Flexibility
- Free parking
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SIEM, SOAR, alert creation, tuning, automation workflows, log onboarding, scripting, YARA-L, Python, PowerShell
Soft Skills
communication, collaboration, analytical mindset, proactive, incident response, problem-solving, teamwork, documentation, investigation, remediation
Certifications
CySA+, GSEC, GCIA, GMON, CEH, CCSP, CISSP