Careers

Who we are looking for:

The Senior Operations Engineer is a critical role responsible for the overall security posture of ACV Auctions Threat landscape. Reporting directly to the Director of Cybersecurity Operations, this individual will own and mature the Security Operations program, integrating security practices throughout the environment. This position requires a self-motivated and highly organized engineer with excellent communication and technical skills.

Senior engineer is technical leader who sets technical direction for security operations engineering initiatives. Leads complex, high-impact projects and serves as the escalation point for difficult engineering challenges and opportunities. Drives innovation in security capabilities and represents engineering to the broader organization.

What you will do:

• Lead proactive, hypothesis-driven threat hunting across endpoint, cloud, and identity environments
• Develop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platforms
• Map adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverage
• Analyze threat intelligence and emerging attack patterns to strengthen defenses
• Lead and scale cybersecurity operations across enterprise or multi-tenant environments
• Oversee incident triage, investigation, containment, and remediation
• Act as escalation point for high-severity incidents
• Improve alert fidelity and reduce false positives through tuning and automation
• Mature the alert and incident management tracking systems
• Standardize workflows and playbooks to ensure operational consistency
• Design and implement incident response frameworks and playbooks
• Lead response efforts for advanced threats across environments supporting up to large user bases
• Conduct root cause analysis and post-incident reviews
• Automate response actions to reduce mean time to detect/respond (MTTD/MTTR)
• Secure multi-cloud environments (AWS, GCP) through posture management and configuration monitoring
• Detection of Zero Trust principles and violations across identity and access management systems
• Strengthen controls within platforms such as, CASB and DLP solutions
• Automate workflows and security operations processes for tracking the remediations actioned against the environment
• Integrate tooling and orchestrate response using SOAR or similar platforms
• Continuously improve detection capabilities and operational efficiency
• Deliver AI enabled automations and tooling for the ACV Security Operations Center
• Deliver executive-level reporting (MBRs/QBRs) on security posture, threats, and risk
• Translate technical findings into business-relevant insights to present to external stakeholders
• Collaborate cross-functionally with IT, engineering, and leadership teams
• Perform additional duties as assigned.

What you will need:

• 8+ years’ experience
• Minimum of a 4 year Bachelor’s degree
• Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls).
• Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments. Experience with Fintech companies is desirable.
• Experience with modern software development including Agentic and Generative AI techniques.
• Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework.
• Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders.
• Ability to work effectively in a remote environment and manage geographically dispersed teams.