Defensive Security Engineer - Virtual/Remote

Why Join our Team? At Vallen, we embrace what makes us unique. We thrive on the diversity of our associates and the different ways each of us contributes to Vallen's success. We pride ourselves on being an inclusive company that values the growth of our associates. When you join Vallen, you become part of our winning team. Our vast network of connections is here to help you transform your job into a career. Vallen is an industry leader in delivering flexible supply chain solutions while creating value for our customers, our supply partners, and our associates. Your Benefits at Vallen:

• Medical, Dental, Vision
• Paid time off (vacation, holidays, sick days)
• 401K with discretionary company match - (US positions only)
• Employer-paid Basic Life for Employee, Spouse, and Dependents
• Employer-paid Short-Term and Long-Term Disability
• Health Care and Dependent Care Flexible Spending Accounts
• Vitality Wellness Program
• Employee Assistance Program
• Employee Resource Groups for networking and team building
• Tuition Reimbursement Program
• Employee Referral Program
• Safety Shoe and Safety Glasses reimbursement
• Employee Discounts through BenefitHub
• Advancement Opportunity.

Position Summary:

Vallen's Defensive Security Engineer will serve as a technical lead in threat detection, incident response, and the continuous development of Vallen's defensive security tooling and automation. This is a hands-on, engineering-heavy role focused on building, integrating, and optimizing security platforms, from SIEM and SOAR to endpoint and cloud-native defenses.

Essential Job Duties and Responsibilities:

• Support daily security operations by performing proactive threat hunting across endpoint, network, identity, and cloud data sources.
• Lead investigation and response efforts for high-fidelity alerts, using behavioral analytics and MITRE ATT&CK-based analysis.
• Manage detection pipelines, detection-as-code frameworks, and automated correlation rules across SIEM, EDR, MDR, and XDR platforms.
• Design and implement automated response workflows in SOAR and XDR platforms.
• Integrate alerting tools with threat intelligence platforms, ServiceNow, and remediation workflows.
• Architect and maintain telemetry ingestion pipelines for logs, cloud-native signals, and third-party integrations.
• Act as SME for Vallen's security stack: SIEM, SOAR, EDR/MDR, UEBA, CSPM, container security, vulnerability scanners.
• Support the vulnerability management program by contributing to risk analysis, remediation coordination, and process improvement initiatives.
• Tune detection logic, logging schemas, and role-based access control (RBAC) policies across tools.
• Enforce baseline hardening across Windows, Linux, macOS, and Azure-native services.
• Partner with infrastructure and networking teams to implement microsegmentation, traffic analysis, and endpoint enforcement policies on network security platforms.
• Lead integration efforts with platforms like SentinelOne, Fortinet, Proofpoint and O365.
• Contribute to continuous improvement of detection and response capabilities, processes, playbooks, and security tool strategies.
• Develop and maintain clear process documentation for security operations, enabling IT teams to effectively support end users and resolve security-related tickets.
• Monitor threat landscape and threat intelligence resources to ensure emerging threats are proactively accounted for within the security platform suite.

Job Qualifications:

Education requirement: Bachelor's degree in Information Technology, Cyber Security, Computer Science or related field coupled with a minimum of 3-5 years cyber security experience.

Relevant experience should include:

• 5+ years in a technical security role (SOC Tier 2/3, security engineering, incident response, or equivalent).
• Hands-on experience with SIEM (e.g., Sentinel, Splunk), EDR/XDR (e.g., SentinelOne, Defender), and SOAR platforms.
• Fluency in interpreting logs, building detections, and writing scripts (PowerShell, Python, etc.).
• Strong understanding of cloud security architecture (Azure preferred), including IAM and telemetry ingestion.
• Experience with threat detection engineering and mapping detections to MITRE ATT&CK.
• Familiarity with secure baselining (CIS/NIST), access controls, and platform hardening.

Work Environment & Physical Demands:

Reasonable accommodations will be evaluated and may be implemented to enable individuals with disabilities to perform essential functions of this position.

• This job operates in a professional office environment and routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, etc.
• The work environment is generally favorable. Lighting and temperature are adequate and there are no hazardous or unpleasant conditions caused by noise, dust, etc.
• Long periods of time working on a computer and performing repetitive key-boarding activities.
• Long periods of time performing work over the phone and participating in group conference calls.
• Occasional evening and weekend work may be required as job duties demand and may include little to no advanced notice.
• Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.
• Frequently required to sit and/or stand.

Stay up to date with Vallen, and follow us on LinkedIn, Facebook and Twitter.
Equal Opportunity Employer - Ethnically and Culturally Diverse/Females/Veterans/Disabled/Sexual Orientation/Gender Identity