Job Description

The Security Operations Engineer will build and operate the core of the Attack Surface Management (ASM) and Secrets Detection program, integrating asset discovery, vulnerability visibility, and secrets scanning into scalable workflows to ensure asset security and prevent credential leaks.

Responsibilities

• Operate and improve asset discovery workflows
• Track and tag assets
• Support vulnerability intelligence workflows
• Deploy and maintain secrets detection tools
• Build logic to detect and route secret alerts
• Partner with developers to eliminate hardcoded credentials
• Monitor for secrets exposure
• Integrate secrets scanning into CI/CD
• Correlate asset inventory with telemetry
• Automate triage workflows
• Build dashboards and reporting pipelines
• Contribute to detection content and alert tuning

Requirements

• 5–8 years of experience in security operations or related engineering roles
• Experience with runZero, TruffleHog, GitLeaks, or similar tools
• Familiarity with cloud platforms (AWS, GCP, Azure) and CI/CD pipelines
• Working knowledge of GitHub and secure code practices
• Solid scripting or automation ability (Python, Bash)
• Experience managing asset metadata
• Strong understanding of secrets hygiene and IAM basics
• Experience with vulnerability management workflows
• Comfort working with log aggregation and ticketing systems
• Clear communication skills

Benefits

• No benefits