Vorlon is the Agentic Ecosystem Security Platform protecting sensitive data in the AI and SaaS ecosystem. As a Senior Security Operations Engineer, you will help enterprise clients operationalize Vorlon within their SOC environments and build integrations to enhance security operations.
Responsibilities:
- Work with our growing network of VAR and MDR partners to incorporate Vorlon into their managed SOC platforms, enabling partners to deliver agentic ecosystem security as part of their core service offering
- Build, maintain, and improve integrations with SIEM, SOAR, AI SOC, ITSM, and threat intelligence platforms alongside the SecOps integrations team
- Support enterprise clients with technical guidance on deploying Vorlon within their existing SecOps workflows, ensuring findings flow cleanly into the tools and processes teams already use
- Design and document integration architectures, detection content, and response playbooks that help partners and clients get maximum value from Vorlon
- Act as a technical bridge between partners, clients, and Vorlon's Engineering and Product teams — translating real-world SOC requirements into integration improvements and roadmap input
- Respond to technical questions from partners and clients with clarity and confidence, including RFPs and security reviews
- Stay current on emerging threats targeting AI agents, SaaS apps, APIs, and non-human identities, and on how SOC teams are evolving to address them
Requirements:
- 10+ years of experience in security operations, SOC engineering, or a closely related technical security role
- Deep hands-on experience with SIEM, SOAR, ITSM, and threat intelligence platforms and how they fit together inside a modern SOC
- Strong understanding of detection engineering, incident response workflows, and alert triage at scale
- Experience working with or building for MDR or managed SOC environments is a strong plus
- Familiarity with how AI agents, non-human identities, and SaaS integrations introduce new threat vectors into the enterprise
- Solid understanding of APIs, OAuth, and integration architecture as they relate to security data flows
- Ability to operate independently in a fast-moving startup environment with high ownership and low overhead
- Hands-on experience with several of the following: Splunk, Google SecOps, Sumo Logic, Observe, Devo, Tines, Torq, Palo Alto XSOAR, or ServiceNow
- Experience with SSPM, CASB, identity security, or cloud security platforms
- Familiarity with common enterprise SaaS platforms such as Microsoft 365, Google Workspace, Salesforce, Slack, and GitHub
- Prior experience at an early-stage security company
- Relevant certifications such as CISSP, GCIA, GCIH, or Splunk Certified Architect