Senior Engineer, Security Operations

ACVOperationsBuffalo, NY, USA RemotePosted on Apr 28, 2026Apply nowWho We Are Looking ForThe Senior Operations Engineer is a critical role responsible for the overall security posture of ACV Auctions Threat landscape. Reporting directly to the Director of Cybersecurity Operations, this individual will own and mature the Security Operations program, integrating security practices throughout the environment. This position requires a self-motivated and highly organized engineer with excellent communication and technical skills.Senior engineer is technical leader who sets technical direction for security operations engineering initiatives. Leads complex, high-impact projects and serves as the escalation point for difficult engineering challenges and opportunities. Drives innovation in security capabilities and represents engineering to the broader organization.What You Will DoLead proactive, hypothesis-driven threat hunting across endpoint, cloud, and identity environmentsDevelop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platformsMap adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverageAnalyze threat intelligence and emerging attack patterns to strengthen defensesLead and scale cybersecurity operations across enterprise or multi-tenant environmentsOversee incident triage, investigation, containment, and remediationAct as escalation point for high-severity incidentsImprove alert fidelity and reduce false positives through tuning and automationMature the alert and incident management tracking systemsStandardize workflows and playbooks to ensure operational consistencyDesign and implement incident response frameworks and playbooksLead response efforts for advanced threats across environments supporting up to large user basesConduct root cause analysis and post-incident reviewsAutomate response actions to reduce mean time to detect/respond (MTTD/MTTR)Secure multi-cloud environments (AWS, GCP) through posture management and configuration monitoringDetection of Zero Trust principles and violations across identity and access management systemsStrengthen controls within platforms such as, CASB and DLP solutionsAutomate workflows and security operations processes for tracking the remediations actioned against the environmentIntegrate tooling and orchestrate response using SOAR or similar platformsContinuously improve detection capabilities and operational efficiencyDeliver AI enabled automations and tooling for the ACV Security Operations CenterDeliver executive-level reporting (MBRs/QBRs) on security posture, threats, and riskTranslate technical findings into business-relevant insights to present to external stakeholdersCollaborate cross-functionally with IT, engineering, and leadership teamsPerform additional duties as assigned.What You Will Need8+ years’ experienceMinimum of a 4 year Bachelor’s degreeStrong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls).Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments. Experience with Fintech companies is desirable.Experience with modern software development including Agentic and Generative AI techniques.Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework.Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders.Ability to work effectively in a remote environment and manage geographically dispersed teams.Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels.Knowledge of CASB, DLP and SASE technologiesProven ability to be agile and work effectively in a dynamic environment.Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations.Excellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environment.Should be a creative and analytical problem solver with a passion to provide excellent customer service.Practical hands-on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms.Linux and Kubernetes/Container management and securityDevOps code based implementation and managementKnowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security CenterUnderstanding of TCP/IP Networking including knowledge of Protocols and ServicesUnderstanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised.Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business.Apply nowSee more open positions at ACV