Etched is building the world’s first AI inference system purpose-built for transformers, aiming to deliver significantly higher performance and lower costs. As a Security Engineer, you will be responsible for protecting the networks, systems, and applications that support AI hardware development, focusing on designing and implementing security measures across both on-prem and cloud environments.
Responsibilities:
- Manage and harden security baselines across on-prem, hybrid, and cloud systems, ensuring strong protection while maintaining speed and usability
- Integrate telemetry, logging, tracing, and management of structured, semi-structured, and unstructured data across the entire environment to provide unified and comprehensive observability into infrastructure and application activity
- Lead vulnerability management, patching, and configuration assurance programs to reduce exposure and maintain a consistent security posture
- Partner with infrastructure, IT, and application teams to strengthen identity, access, and network security through Okta, Google Workspace, and FreeIPA
- Implement and maintain zero-trust network architectures, SASE controls, CASB solutions, and conditional access policies that protect both users and data across environments to ensure full access and full control of our data and IP regardless of location or device
- Operate and enhance security operations tooling, including SIEM, SOAR, and EDR/XDR platforms, to ensure comprehensive monitoring and rapid detection of threats
- Develop and tune detection logic, automation, and playbooks for identifying and responding to threats such as insider activity, lateral movement, and anomalous behavior
- Investigate and respond to security incidents, performing root-cause analysis, containment, and remediation while coordinating with engineering and IT
- Build automation, scripts, AI agents, and integrations that streamline monitoring, alerting, and remediation workflows to improve efficiency and reliability
- Establish metrics, dashboards, and feedback mechanisms to measure detection coverage, response time, and overall security health
- Promote a culture of security awareness and ownership across engineering teams, ensuring that protection and productivity advance together
Requirements:
- 5-7+ years of experience in security engineering, SOC operations, detection engineering, incident response, or a similar role that blends hands-on technical work with analytical problem solving
- Strong software engineering skills with Python, Go, and Bash (C and Rust a major plus), including the ability to design, implement, and maintain high-quality code, automation frameworks, services, and integrations that improve security, observability, and operational efficiency
- Proficiency with SIEM and SOAR platforms, including experience building detections, dashboards, and automated workflows
- Deep understanding of EDR and XDR platforms, endpoint security hardening, and telemetry collection across macOS, Linux, Windows, and server environments
- Experience implementing or supporting zero trust architectures, including conditional access, SASE, CASB, and identity-driven access control models
- Familiarity with IAM and SSO systems such as Okta, Google Workspace, and FreeIPA and the ability to design secure identity, access, and authentication policies
- Strong networking knowledge, including SD-WAN, VPN, IDS and IPS, firewall administration, segmentation strategy, and monitoring of network traffic for anomalies
- Hands-on experience managing or building security telemetry pipelines, log ingestion frameworks, or observability systems that support both structured and unstructured data
- Solid understanding of threat modeling, the MITRE ATT&CK framework, attacker tradecraft, and common detection and response patterns
- Experience performing vulnerability assessments, penetration testing, or secure configuration reviews and collaborating with teams to remediate identified risks
- Exposure to cloud and hybrid environments such as AWS, GCP, or on-prem clusters and the ability to evaluate risks and implement protective controls across these environments