Senior Security Operations (SecOps) Engineer

Samsung SDS America (SDSA) serves as the U.S. technology and innovation hub for Samsung’s global enterprise solutions, delivering secure, scalable, and high‑performance IT services that support some of the world’s most complex business environments. As SDSA continues to expand its cloud, mobility, analytics, and cybersecurity capabilities, maintaining a resilient security operations foundation is essential to protecting the company’s digital assets and ensuring uninterrupted service delivery. This need for operational rigor and real‑time threat defense creates the environment in which the Security Operations Engineer plays a critical role.

The Senior Security Operations Engineer leads project‑focused initiatives that advance SDSA’s security posture, rather than handling routine ticket resolution. The engineer drives end‑to‑end delivery of security‑control automation, threat‑management platforms, and governance frameworks while maintaining day‑to‑day operational integrity. Core responsibilities span strategic program leadership, real‑time threat detection & response, and security‑control optimization. 

Responsibilities:

• Lead Security‑Operations Projects - Own the full lifecycle of multi‑disciplinary security projects (e.g., SIEM migration, DLP automation, Secure‑Web‑Gateway hardening), from requirements gathering and stakeholder alignment to design, implementation, testing, and post‑deployment review.
• Architect & Enforce Control Governance - Develop and maintain detailed runbooks, playbooks, and SOPs that codify security‑control configuration, change‑control processes, and compliance checkpoints across firewalls, IDS/IPS, anti‑malware, and data‑loss‑prevention solutions.
• Direct Real‑Time Threat Management - Oversee the configuration, tuning, and integration of SIEM, DLP, and Secure‑Web‑Gateway telemetry; design correlation rules that reduce false positives by > 30 % and trigger automated containment workflows via SOAR platforms.
• Participate in Incident Response Programs – Play a key SME role to identify and drive incident response resolutions.
• Collaborate with Security Engineering & Architecture Teams - Partner with engineers to embed vulnerability‑management findings into patch‑prioritization pipelines; advise architects on control selection that satisfies regulatory requirements (e.g., GDPR, CCPA, NIST 800‑53).
• Drive Continuous Improvement - Lead change‑management initiatives that modernize legacy security tools, introduce security orchestration (e.g., Ansible, Terraform), and enforce configuration‑as‑code standards.
• Vendor & Policy Management - Assist GRC in technology review of 3rd party and partners

• 8+ years in enterprise information security with a proven track record of delivering security‑operations projects (platform migrations, automation initiatives).
• Hands‑on knowledge of firewalls, IDS/IPS, anti‑malware, VPN, DLP, SIEM (Splunk, QRadar), vulnerability scanners (Nessus/Qualys), and cloud security controls (AWS GuardDuty, Azure Sentinel).
• Designed SOAR playbooks; scripted in Python/PowerShell; implemented IaC for security controls.
• Proficient in the implementation, configuration, & administration of Windows servers, Linux, VM, and Container systems and hardening.
• Demonstrated ability to manage scope, schedule, risk, and stakeholder communication for security programs.
• Translate legal/regulatory mandates (NIST, ISO 27001) into actionable security controls and governance artifacts.
• The demonstrated ability to work effectively in a collaborative team environment or as an individual contributor.
• Experience managing information security controls, specifically monitoring, troubleshooting, maintaining, and modernization of mission critical networks and information systems.
• Must be eligible to work in the US for any employer without restrictions.
• Must be willing and able to work onsite in San Jose, CA.

Preferred Qualifications:

• Experience with project management, vendor management, and policy development.
• Hands-on experience with Netskope (NG-SWG, CASB, DLP, ZTNA, RBI, Cloud Firewall) or similar.
• Demonstrated ability in deploying, configuring, and operationalizing Darktrace threat detection platform.
• Prior experience in leading or being part of a security incident response team and proven experience in using SIEM and network DLP.
• Ability to work in a small, collaborative team environment and as an individual contributor.
• Bachelor’s Degree in relevant field is strongly preferred.

Samsung SDSA offers a comprehensive suite of programs to support our employees:

• Top-notch medical, dental, vision and prescription coverage
• Wellness program
• Parental leave
• 401K match and savings plan
• Flexible spending accounts
• Life insurance
• Paid Holidays
• Paid Time off
• Additional benefits

Samsung SDS America, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, status as a protected veteran, marital status, genetic information, medical condition, or any other characteristic protected by law.

We are committed to providing reasonable accommodations to participate in the job application or interview process for candidates with disabilities. Please let your recruiter know if you need an accommodation at any point during the interview process.

The base pay range for this role depends on appropriate skills, experience, and technical level. Career Level 3 base salary is USD $150,000 - $220,000.

Individual base pay depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills.

Certain roles are eligible for additional rewards, including annual bonus. U.S.-based employees have access to medical, dental, and vision insurance, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and wellbeing benefits, among others. U.S.-based employees also receive, per calendar year, up to 10 scheduled paid holidays, and Paid Time Off.