
Defensive Security Engineer - Virtual/Remote at Vallen

Location Information: Belmont, NC, United States

Position Summary:

Vallen's Defensive Security Engineer will serve as a technical lead in threat detection, incident response, and the continuous development of Vallen's defensive security tooling and automation. This is a hands-on, engineering-heavy role focused on building, integrating, and optimizing security platforms, from SIEM and SOAR to endpoint and cloud-native defenses.

Essential Job Duties and Responsibilities:

- Support daily security operations by performing proactive threat hunting across endpoint, network, identity, and cloud data sources.
- Lead investigation and response efforts for high-fidelity alerts, using behavioral analytics and MITRE ATT&CK-based analysis.
- Manage detection pipelines, detection-as-code frameworks, and automated correlation rules across SIEM, EDR, MDR, and XDR platforms.
- Design and implement automated response workflows in SOAR and XDR platforms.
- Integrate alerting tools with threat intelligence platforms, ServiceNow, and remediation workflows.
- Architect and maintain telemetry ingestion pipelines for logs, cloud-native signals, and third-party integrations.
- Act as SME for Vallen's security stack: SIEM, SOAR, EDR/MDR, UEBA, CSPM, container security, vulnerability scanners.
- Support the vulnerability management program by contributing to risk analysis, remediation coordination, and process improvement initiatives.
- Tune detection logic, logging schemas, and role-based access control (RBAC) policies across tools.
- Enforce baseline hardening across Windows, Linux, macOS, and Azure-native services.
- Partner with infrastructure and networking teams to implement microsegmentation, traffic analysis, and endpoint enforcement policies on network security platforms.
- Lead integration efforts with platforms like SentinelOne, Fortinet, Proofpoint and O365.
- Contribute to continuous improvement of detection and response capabilities, processes, playbooks, and security tool strategies.
- Develop and maintain clear process documentation for security operations, enabling IT teams to effectively support end users and resolve security-related tickets.
- Monitor the threat landscape and threat intelligence resources to ensure emerging threats are proactively accounted for within the security platform suite.

Qualifications

Job Qualifications:

Education requirement: Bachelor's degree in Information Technology, Cyber Security, Computer Science or related field coupled with a minimum of 3-5 years cyber security experience.

Relevant experience should include:

- 5+ years in a technical security role (SOC Tier 2/3, security engineering, incident response, or equivalent).
- Hands-on experience with SIEM (e.g., Sentinel, Splunk), EDR/XDR (e.g., SentinelOne, Defender), and SOAR platforms.
- Fluency in interpreting logs, building detections, and writing scripts (PowerShell, Python, etc.).
- Strong understanding of cloud security architecture (Azure preferred), including IAM and telemetry ingestion.
- Experience with threat detection engineering and mapping detections to MITRE ATT&CK.
- Familiarity with secure baselining (CIS/NIST), access controls, and platform hardening.

Work Environment & Physical Demands:

Reasonable accommodations will be evaluated and may be implemented to enable individuals with disabilities to perform essential functions of this position.

- This job operates in a professional office environment and routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, etc.
- The work environment is generally favorable. Lighting and temperature are adequate and there are no hazardous or unpleasant conditions caused by noise, dust, etc.
- Long periods of time working on a computer and performing repetitive keyboarding activities.
- Long periods of time performing work over the phone and participating in group conference calls.
- Occasional evening and weekend work may be required as job duties demand and may include little to no advance notice.
- Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.
- Frequently required to sit and/or stand.