Gridware
Gridware is a San Francisco-based technology company dedicated to protecting and enhancing the electrical grid. We pioneered a groundbreaking new class of grid management called active grid response (AGR), focused on monitoring the electrical, physical, and environmental aspects of the grid that affect reliability and safety. Gridware’s advanced Active Grid Response platform uses high-precision sensors to detect potential issues early, enabling proactive maintenance and fault mitigation. This comprehensive approach helps improve safety, reduce outages, and ensure the grid operates efficiently. The company is backed by climate‑tech and Silicon Valley investors. For more information, please visit www.Gridware.io.
Role Description
We are seeking a Security Operations Engineer to help safeguard and scale the security of our cloud‑first environment. In this role, you’ll enhance detection and response capabilities, strengthen identity and access controls, and improve the systems and processes that keep our infrastructure resilient.
You’ll work closely with engineering, IT, and infrastructure teams to embed security best practices into everything we build. This role is ideal for a hands‑on security professional who thrives in fast‑moving environments and enjoys improving visibility, automation, and operational readiness.
Responsibilities
Lead and support security incident response, including triage, investigation, containment, and post‑incident reviews.
Analyze and tune EDR, SIEM, and network telemetry alerts to separate false positives from real threats.
Configure and optimize detection tools, including correlation rules, detection logic, and response playbooks.
Implement and maintain identity and access controls, ensuring least‑privilege and conditional access standards.
Automate recurring SecOps workflows through scripting and integrations across monitoring and response tools.
Required Skills
3–5 years in security operations, incident response, or SOC environments.
Strong understanding of threat detection, investigation, and response workflows.
Hands‑on experience tuning EDR and SIEM platforms for effective coverage and alerting.
Ability to write detection or hunting queries (e.g., KQL, SPL, SQL‑like languages).
Familiarity with IAM principles, cloud security basics, and at least one scripting language (Python, PowerShell, etc.).
Bonus Skills
Experience with SOAR platforms or custom security automation.
Familiarity with cloud security posture management (CSPM) or cloud‑native threat detection tools.
Ability to use threat intelligence to refine detections and response playbooks.
Understanding of frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001.
This describes the ideal candidate; many of us have picked up this expertise along the way. Even if you meet only part of this list, we encourage you to apply!
Benefits
Health, Dental & Vision (Gold and Platinum with some provider plans fully covered)
Paid parental leave
Alternating day off (every other Monday)
“Off the Grid”, a two-week paid break each year for all employees
Commuter allowance
Company‑paid training
Seniority Level
Mid‑Senior level
Employment Type
Full‑time
Job Function
Information Technology
Industries
Software Development