The Role
Are you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read on!
About Picus
Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.
The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation.
The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Review.
About The Role
If you’re a results-driven person with an entrepreneurial mindset, who takes the initiative and thrives in a dynamic environment, then this is a great opportunity to play a pivotal role in a fast-growing cybersecurity company. We are looking for a smart, agile, and driven engineer to have a direct impact on the future of our business by helping to influence the global adoption of our award-winning Picus Security Validation Platform.
We are looking for a SecOps Engineer to play a key role in securing and optimizing our SaaS-driven, cloud-first IT infrastructure. You will be responsible for managing, automating, and enhancing security tools across our cloud-based infrastructure, Cloud Applications, and macOS-based endpoints. This role will ensure strong security configurations, operational resilience, and compliance alignment while working closely with SOC, IT, and Engineering teams.
As a SecOps Engineer, you will have the opportunity to work with cutting-edge security automation, cloud security solutions, and zero-trust architectures, making a direct impact on the security posture of a highly dynamic SaaS organization.
What You'll Do
- Manage and optimize security tools, including EDR/EPP, Cloud Security Services (GuardDuty, WAF, IAM, CloudTrail, Security Hub), VPN, DNS Security, Network Security, Email Security, and SIEM solutions
- Ensure cloud security best practices are implemented
- Automate security configurations and responses using scripting skills to enhance security operations
- Deploy and maintain macOS endpoint security policies, ensuring strong device hardening and zero-trust access controls
- Work closely with SOC teams to fine-tune SIEM/XDR rules and alerts, reducing false positives and improving detection accuracy
- Implement security orchestration and automation (SOAR) to streamline incident response processes
- Conduct regular security assessments, ensuring SaaS applications and cloud services are securely configured
- Support vulnerability management efforts, ensuring timely patching and risk remediation
- Assist in compliance and security audits, ensuring all security tools align with ISO 27001, AICPA SOC 2, CSA, GDPR, and other regulatory requirements
- Develop documentation and security playbooks to guide security operations and best practices
What You Have
- Hands-on experience in SecOps, security engineering, or security operations
- Strong expertise in cloud security, security tool management, and automation
- Experience securing SaaS applications and cloud-native services
- Hands-on experience with endpoint security, email security, network security, and security automation tools
- Knowledge of zero-trust security architectures and IAM best practices
- Experience in macOS security hardening and endpoint protection
- Proficiency in Python, Bash, or Terraform for security automation and infrastructure as code (IaC)
- Familiarity with security and compliance standards and frameworks (i.e. NIST, CSA, CIS, ISO27001)
- Ability to collaborate with SOC teams, DevOps, IT, and Engineering teams to enhance security controls
- Strong analytical and troubleshooting skills to optimize security operations and incident response workflows
- A proactive and agile mindset with a strong focus on efficiency, automation, and continuous security improvement
Working at Picus
Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber-risk levels.
Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.
Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.
Be part of a global remote team who is taking on Exposure Validation and a growing market segment.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.
Similar Jobs
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Control Validation Platform is trusted by leading organizations worldwide to continuously validate the effectiveness of security controls against cyber-attacks and supply actionable mitigation insights to optimize them.
Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners.
The company is dedicated to helping security professionals become more threat-centric and via its Purple Academy offers free online training to share the latest offensive and defensive cybersecurity strategies.
Find more here: https://www.picussecurity.com/
