
Software Engineer – SOC
Poshmark
full-time
Posted on:
Location Type: Hybrid
Location: Redwood City • California • United States
About the role
- Monitor, analyze, and triage security events and alerts across distributed systems to identify potential incidents and anomalous behavior
- Lead end-to-end incident response, including investigation, containment, eradication, and recovery, with an emphasis on scalable and repeatable processes
- Perform deep-dive root cause analysis of sophisticated attacks spanning infrastructure, network, and application layers, including code-level vulnerabilities
- Design, build, and maintain automation frameworks to improve detection and response efficiency (e.g., auto-remediation, alert enrichment pipelines)
- Develop and maintain detection logic (rules, queries, behavioral analytics) using engineering best practices such as version control, testing, and CI/CD
- Create and continuously improve incident response playbooks as modular, reusable, and programmatic workflows
- Fine-tune alerting systems to reduce noise and false positives through data analysis, feedback loops, and algorithmic improvements
- Collaborate closely with SRE, DevOps, IT and engineering teams to remediate vulnerabilities and improve system security and reliability
- Engineer and enhance SIEM capabilities, including log ingestion pipelines, normalization, correlation rules, and integrations
- Implement and scale security monitoring solutions across cloud-native and distributed environments
- Conduct proactive threat hunting using data-driven and hypothesis-based approaches
- Enrich and correlate telemetry using IOCs, threat intelligence feeds, and custom-built data pipelines
- Contribute to SOC tooling and internal platforms by writing clean, maintainable, and efficient code
- Participate in architecture and design discussions to embed security into systems from the ground up
- Drive and contribute to broader security engineering and SOC modernization projects
Requirements
- 2–4 years of experience in information security, security engineering, or a related field
- Hands-on experience with SIEM platforms, EDR tools, IDS/IPS, firewalls, and vulnerability management systems
- Experience with incident response and security investigations
- Strong understanding of cloud environments (AWS, GCP, or Azure) and associated security considerations
- Proficiency in at least one programming or scripting language (e.g., Python, Bash, or Go) with the ability to build automation and tooling
- Familiarity with software engineering fundamentals (data structures, APIs, version control, testing)
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
incident response, root cause analysis, automation frameworks, detection logic, alerting systems, threat hunting, programming, scripting, software engineering fundamentals, data analysis
Soft Skills
collaboration, leadership, communication, problem-solving, analytical thinking