This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
We're searching for a Staff Security Engineer, Enterprise Security Operations to join our Enterprise Security Engineering team, reporting to the Technical Lead Manager of Security Engineering. This position is open to the following office locations: Mountain View, San Francisco, Seattle, Pittsburgh, Dallas, Detroit, and Phoenix. Aurora is scaling its autonomous trucking operations, and we need someone who makes our security tools actually work, not just deployed, but deeply configured, continuously tuned, and fully leveraged. This role is for the practitioner who has spent their career living inside security platforms: the person who knows their EDR better than the vendor's own support team, who can write a SIEM query from memory, and who instinctively knows when an alert is misfiring and exactly why. This is not a software engineering role. It's a role for an elite security operator — someone with the instincts of a seasoned SOC analyst and the technical depth to own the platforms that power detection, response, and protection at enterprise scale.
Job Responsibility
Own the operational health, configuration, and continuous improvement of Aurora's enterprise security platform stack
Develop and refine detection rules, correlation logic, and alert policies
Conduct proactive threat hunting across Aurora's security telemetry
Serve as the deepest internal expert on Aurora's enterprise security tooling
Participate in the team's on-call rotation, leading deep-dive investigations into security alerts and incidents
Continuously audit and validate that existing security controls are configured to actually do what they are supposed to do
Maintain operational runbooks, detection documentation, and platform configuration records
Requirements
12+ years of hands-on experience in enterprise security operations, security platform administration, or a senior SOC engineering role
Expert-level proficiency administering and operating at least two enterprise security platforms (e.g., CrowdStrike, SentinelOne, Splunk, Panther, Sentinel, Jamf, Kandji/Iru, Puppet, WorkspaceONE, Intune, Zscaler, Okta, Proofpoint, Wiz, osquery)
Demonstrated ability to tune and optimize security platforms beyond out-of-the-box configurations