Jobs Companies Envoy Member of Technical Staff, SecOps & Threat Detection Engineer

About this Member of Technical Staff, SecOps & Threat Detection Engineer role at Envoy

Envoy · Onsite · San Francisco, CA

Envoy protects the places the world relies on most by unifying people, spaces, and communications in one secure, integrated workplace management platform and ecosystem. More than 16,000 workplaces around the world trust Envoy to run secure, compliant, and connected operations across every location.

From manufacturing sites and data centers to life sciences labs, healthcare facilities, and corporate headquarters, Envoy unifies visitor management, risk assessment, mailroom management, digital signage software, resource booking, and emergency management into one integrated platform.

With deep integrations across access control, identity, compliance screening, and collaboration tools—including LenelS2, Brivo, Genetec, Honeywell, Cisco Meraki, Okta, Microsoft Azure, Microsoft Teams, Slack, ServiceNow, DocuSign, Avigilon Alta, and Descartes Visual Compliance—Envoy helps organizations reduce risk, stay audit-ready, and operate with clarity at scale.

Learn more at envoy.com

This is an L5 opportunity. Successful candidates typically come from staff or principal-level roles and are recognized for establishing technical direction, leading large-scale initiatives, and shaping engineering strategy across organizations.

 

About the role

We are building a proactive, engineering-led security function focused on threat detection, visibility, and automation.

We are looking for a Staff Security Engineer to own and evolve our Security Operations and Threat Detection capabilities. This role is responsible for defining how we detect, monitor, and respond to threats across our infrastructure, applications, and endpoints.

Today, much of our security posture is reactive. This role will lead the shift toward a system where detection is reliable, measurable, and engineered, not improvised.

You will work across Infrastructure, Platform, and Workplace teams to ensure we have full visibility into our environment and can confidently answer: “If we had a security incident, how quickly would we know?”

This on-site position requires 4 days a week (Monday through Thursday) in our San Francisco HQ office.

 

You will

  • Own the design and evolution of our threat detection and security operations capability

  • Define detection strategy across cloud infrastructure, applications, and endpoints

  • Establish and improve our SIEM and monitoring architecture, including signal quality, coverage, and scalability

  • Design and implement detection-as-code practices, setting standards for how detection logic is built, tested, and maintained

  • Drive visibility across all critical assets, ensuring endpoints, services, and identities are consistently monitored

  • Take ownership of endpoint security monitoring (e.g., SentinelOne), including integration into centralized detection workflows

  • Lead the design and rollout of automated security controls, including secrets rotation for high-risk systems

  • Define alerting strategy, including severity models, escalation paths, and on-call expectations

  • Lead investigations into complex or ambiguous security signals, setting the standard for root cause analysis and response

  • Partner with engineering teams to improve instrumentation and ensure systems emit high-quality security signals

  • Define and track key metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), and drive measurable improvements

  • Mentor and guide other engineers, raising the overall capability of the team in detection and security operations

You have

  • 6+ years of experience in Security Engineering, SRE, or Infrastructure Engineering with a strong security focus

  • Proven experience designing or significantly improving security monitoring, detection, or SIEM systems

  • Strong understanding of cloud environments (ideally AWS), including IAM, networking, and logging at scale

  • Experience working with endpoint detection and response tools such as SentinelOne or similar

  • Deep experience working with logs, events, and telemetry to build meaningful, high-signal detections

  • Strong programming or scripting skills (Python, Go, or similar), with a focus on automation and system design

  • A strong understanding of attacker behavior and the ability to translate threats into detection strategies

  • Experience defining alerting models and reducing noise while maintaining strong coverage

  • Ability to operate in ambiguous environments and define structure where none exists

  • Strong cross-functional communication skills, with the ability to influence engineering and leadership

  • A pragmatic, outcome-oriented mindset focused on reducing real risk and improving operational effectiveness

 

By applying for this position, you acknowledge that you have fully read and understand the job requirements and received the Envoy Privacy Notice for applicants, which is linked here. Completing this application requires you to provide personal data, such as your name and contact information, which is mandatory for Envoy to process your application. Envoy is an EEO Employer and does not discriminate on the basis of any characteristic protected by local, state or federal law.

Ready to apply to Envoy?
Apply to Envoy

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

More jobs at Envoy

See all jobs at Envoy →

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get an edge on your job hunt.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free