Security Operations Engineer

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry.

This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us.

THE ROLE

As a Security Operations Engineer in the Global Information Security Office (GISO), you will lead the mission to reduce our global attack surface across cloud, endpoint, and SaaS environments. You will report to the Senior Security Operations Manager and work closely with Cloud Platform, Network Engineering, and DevOps teams to connect Zero Trust connectivity and vulnerability management into a coherent program. This role differentiates itself by moving beyond simple task execution to architecting automated, risk-based outcomes that enable the business to scale safely while protecting our most critical assets.

WHAT YOU’LL DO

• Own the Vulnerability & Asset Lifecycle: Drive risk-based remediation across cloud, container, and endpoint environments. You will shift the needle from volume-based reporting to exploitability-led prioritization (EPSS), utilizing asset intelligence to ensure remediation meets SLAs that tangibly reduce organizational risk.
• Engineer Zero Trust & Connectivity: Lead the operational excellence of Zscaler (ZIA/ZPA). You will manage complex SSL/TLS inspection strategies and policy enforcement to provide seamless, secure access while maintaining deep visibility into encrypted traffic flows.
• Eliminate Credential & Secret Risk: Act as the primary architect for secrets detection within CI/CD pipelines. You will partner with DevOps to automate the identification and remediation of exposed credentials, moving security "left" from code to cloud.
• Architect Detection, Deception, & Automation: Build advanced detection queries in Splunk and deploy enterprise-wide deception strategies aligned with the MITRE ATT&CK framework. You will automate manual triage via Python or SOAR workflows to turn raw security data into high-fidelity alerts.
• Validate & Simulate Defenses: Execute targeted adversary simulations and controls validation (e.g., Atomic Red Team) to verify that detections perform as expected, providing risk-rated findings to technical leaders.
• Translate Risk for Stakeholders: Serve as the technical authority who can pivot from deep-packet inspection troubleshooting to delivering "Fix Impact Reports" for executive leadership, quantifying how remediation efforts have eliminated critical threats.

WHAT YOU BRING

• Security Engineering & Vulnerability Mastery: You possess deep experience in security operations and vulnerability management within enterprise environments, including hands-on experience with asset discovery and secrets detection tools such as runZero, TruffleHog, or GitLeaks.
• Zero Trust & Cloud Specialization: You have technical depth in configuring and operating Zero Trust platforms—specifically Zscaler ZIA/ZPA (including SSL inspection design and policy tuning)—and experience securing major cloud providers like AWS, GCP, or Azure.
• Analytical Automation & DevSecOps: You are proficient in SIEM detection engineering (Splunk) and scripting (Python, PowerShell, or Bash), with a proven ability to integrate secrets scanning and automated remediation workflows directly into CI/CD pipelines.
• Offensive Security & Strategic Communication: You bring practical experience with threat emulation and deception technologies mapped to MITRE ATT&CK, coupled with the ability to partner with engineering teams to prioritize remediation and translate technical risk into business-relevant language.

We are primarily an in-office environment. You will be expected to work from our Santa Clara, CA or Lehi, UT office in compliance with company policies, unless on approved PTO, work travel, or other leave.

WHAT YOU CAN EXPECT FROM US:

• Innovation: We celebrate those who think critically, like a challenge, and aspire to be trailblazers.
• Growth: We give you the space and support to grow along with us and to contribute to something meaningful. We have been named Fortune's Best Workplaces in Technology™, Fortune's Best Workplaces in the Bay Area™, and certified as a Great Place to Work®!
• Team: We build each other up and set aside ego for the greater good.

And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events. Check out purebenefits.com for more information.

ACCOMMODATIONS AND ACCESSIBILITY:

Candidates with disabilities may request accommodations for all aspects of our hiring process. For more on this, contact us at TA-Ops@purestorage.com if you’re invited to an interview.

OUR COMMITMENT TO A STRONG AND INCLUSIVE TEAM:

We’re forging a future where everyone finds their rightful place and where every voice matters. Where uniqueness isn’t just accepted but embraced. That’s why we are committed to fostering the growth and development of every person, cultivating a sense of community through our Employee Resource Groups and advocating for inclusive leadership.

Everpure is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.

Join us and bring your best.

Bring your bold.

Pure and simple.