Senior Security Operations Engineer

Who Are We?

Postman is the world’s leading API platform, used by more than 45 million+ developers and 500,000 organizations, including 98% of the Fortune 500. Postman is helping developers and professionals across the globe build the API-first world by simplifying each step of the API lifecycle and streamlining collaboration—enabling users to create better APIs, faster.

The company is headquartered in San Francisco and has offices in Boston, New York, Austin, Tokyo, London, and Bangalore - where Postman was founded. Postman is privately held, with funding from Battery Ventures, BOND, Coatue, CRV, Insight Partners, and Nexus Venture Partners. Learn more at postman.com or connect with Postman on X via @getpostman.

P.S: We highly recommend reading The "API-First World" graphic novel to understand the bigger picture and our vision at Postman.

The Opportunity

We are seeking an experienced Senior Security Operations Engineer to join our dynamic security team.

You’ll work closely with the broader security and IT team and other engineering teams to develop a strong understanding of our ecosystem to enable you to triage escalations from the SOC and act effectively as an Incident Commander when required. This understanding will aid you in your threat hunting and forensic investigations to uncover indicators of compromise and patterns of malicious activity, as well as fine-tune and develop additional detection rules, configurations, custom playbooks, and automations tailored to our environment.

We are focused on building a more proactive security program, identifying and remediating threats before they can happen. Your collaboration with cross-functional teams will be essential in proactively detecting and responding to security threats and ensuring the overall security of our digital assets. You understand that the best way to ensure security is to craft guardrails that keep users, data, and processes safely contained, while not smothering workflows.

We are maturing our Security Operations program; the candidate who will thrive in this role is someone with curiosity and a willingness to go looking for problems and the diligence to solve them. We are a team that loves questions and trying new things and learning.

What You’ll Do

•
Security Operations Duties:

•
Provide Level 2 support to a managed SOC and support monitoring security alerts and events from various sources

•
Conduct threat hunting and perform forensic investigations to identify indicators of compromise and patterns of malicious activity.

•
Coordinate and manage incident resolution with cross-functional teams, including acting as Incident Commander during incidents

•
Support Cloud Detection & Response platforms to enable various automated notification and containment workflows.

•
Detection Engineering:

•
Fine-tune and develop detection rules, configurations, and automations based on new threats, lessons learned, or environmental changes.

•
Work with the managed SOC to develop custom playbooks.

•
Identify any gaps in logging coverage to ensure we maintain the highest visibility into any threats to our environment

•
Manage Cloudflare security products for web application security, including WAF rules and DDoS protection.

•
Collaborate with cross-functional teams to proactively detect and respond to potential security threats and ensure the overall security of our organization's digital assets.

•
Vulnerability Management:

•
Monitor security advisories, threat intelligence feeds, and vendor updates for critical threats to drive action back into the enterprise/product organization.

About You

•
Education & Experience:

•
Bachelor’s degree in Computer Science, Information Security, or a related field; or requivalent

•
Minimum of 7 years of experience in a SOC analyst, engineer, or security operations role.

•
Technical Skills:

•
Proficiency in programming and relevant scripting languages such as Python, JavaScript, Bash

•
Experience with AWS security services and best practices

•
Familiarity with Cloudflare, SentinelOne, Okta, and related security tools, or similar equivalents

•
Understanding of network protocols, firewalls, and intrusion detection systems

•
Experience with writing net new detections (YARA, YAML, etc), or tuning extant detections

•
Experience with infrastructure as code tools (e.g., Terraform)

•
Experience with EDRs, proxies, MDM, and similar

•
Soft Skills:

•
Strong analytical and problem-solving abilities.

•
Excellent communication skills, both written and verbal.

•
Ability to work independently and as part of a team.

Preferred Qualifications:

•
Certifications such as CISSP, CEH, and AWS Certified Security Specialty.

•
Knowledge of DevSecOps practices and CI/CD pipelines.

•
Familiarity with regulatory compliance standards (e.g., GDPR, ISO 27001).

The reasonably estimated base salary for this role ranges from $220,000 to $240,000, plus a competitive equity package. Actual compensation is based on the candidate's skills, qualifications, and experience.

What Else?

In addition to Postman's pay-on-performance philosophy, and a flexible schedule working with a fun, collaborative team, Postman offers a comprehensive set of benefits, including full medical coverage, flexible PTO, wellness reimbursement, and a monthly lunch stipend. Along with that, our wellness programs will help you stay in the best of your physical and mental health. Our frequent and fascinating team-building events will keep you connected, while our donation-matching program can support the causes you care about. We’re building a long-term company with an inclusive culture where everyone can be the best version of themselves.

At Postman, we embrace a hybrid work model. For all roles based out of San Francisco Bay Area, Boston, Austin, Tokyo, Bangalore, Hyderabad, London, and New York, employees are expected to come into the office 3-days a week. We were thoughtful in our approach which is based on balancing flexibility and collaboration and grounded in feedback from our workforce, leadership team, and peers. The benefits of our hybrid office model will be shared knowledge, brainstorming sessions, communication, and building trust in-person that cannot be replicated via zoom.

Our Values

At Postman, we create with the same curiosity that we see in our users. We value transparency and honest communication about not only successes, but also failures. In our work, we focus on specific goals that add up to a larger vision. Our inclusive work culture ensures that everyone is valued equally as important pieces of our final product. We are dedicated to delivering the best products we can.

Equal opportunity

Postman is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. Postman does not accept unsolicited headhunter and agency resumes. Postman will not pay fees to any third-party agency or company that does not have a signed agreement with Postman.