Security Solution Engineer — SIEM/SOAR

Company Overview:

TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the AI-Native MDR landscape.

We’re a fast growing startup backed by industry experts and top tier investors led by Crosspoint Capital Partners and also backed by Shield Capital, DTCP (formerly Deutsche Telekom Capital Partners), Deepwork Capital, and the Florida Opportunity Fund. Seed round led by Andreessen Horowitz (a16z). As an early employee, you’ll play a meaningful role in defining and building our culture. Get in on the ground floor. We’re a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside.

Culture is one of the most important things at TENEX.AI—explore our culture deck at culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work.

About the Role

As a Security Solution Engineer — SIEM/SOAR, you build the content that powers TENEX's MDR delivery. From detection rules and log parsers to SOAR playbooks, dashboards, and custom API integrations, your work is what makes the platform intelligent. You are also a technical trainer — helping customers understand the content they're running and the platform they're operating.

Job Responsibilities

• Author, tune, and maintain detection rules, correlation logic, and threat content across Google SecOps and Microsoft Sentinel

• Build and validate log parsers for new data sources integrated into customer environments

• Develop and maintain SOAR playbooks, automation workflows, and dashboards for common alert types and operational use cases

• Build cloud run functions, scripts, and API integrations where native connectors or content do not exist

• Collaborate with Deployment Engineers to ensure content is ready for new customer go-lives

• Monitor detection coverage gaps and proactively develop content to address them

• Incorporate threat intelligence and adversary TTPs (MITRE ATT&CK) into detection logic

• Serve as an advanced enablement resource for customers — training them on detection content, dashboards, and platform capabilities at a deeper technical level

• Document all content with clear metadata, use cases, and tuning notes

• Support AI-assisted content generation workflows with human review as the quality gate

Required Skills & Qualifications

Technical & Industry Expertise

• 3+ years in detection engineering, content engineering, or security operations

• Strong proficiency in SIEM detection rule development — YARA-L for Google SecOps, KQL for Sentinel, or similar

• Experience building and maintaining SOAR playbooks and automation workflows

• Proficiency with log parser development for diverse data source types

• Knowledge of MITRE ATT&CK framework and its application to detection content

• Experience with Python, cloud run functions, and REST API integrations

• Experience building security dashboards for operational use cases

• Understanding of threat intelligence and how TTPs translate into actionable detection logic

Soft Skills

• Strong problem-solving and troubleshooting skills with a bias toward action

• Excellent customer-facing communication and collaboration abilities

• Ability to thrive in a fast-paced, high-performance startup environment

• Passion for cybersecurity, automation, and continuous improvement

Education & Certifications

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field (or equivalent practical experience)

• Relevant certifications such as CISSP, CISM, GIAC certifications, Google Cloud Professional, Microsoft SC-200/AZ-500, or AWS Certified Solutions Architect are a plus

Why Join Us?

• Opportunity to work with cutting-edge AI-driven cybersecurity technologies and next-generation security platforms

• Collaborate with a talented and innovative team focused on continuously improving security operations

• Competitive salary and benefits package

• A culture of growth and development, with opportunities to expand your expertise in AI, cybersecurity, and engineering

• Be part of building something new — TENEX's Forward Deployed Engineering organization is a greenfield opportunity to define how enterprise security is delivered at scale