If you’re the kind of security engineer who wants real ownership, this role puts you in the middle of everything that matters: detection, response, fraud monitoring, and the platforms that keep the whole company safe. You’ll help design the paved roads, tune the sensors, and lead the response when something goes bump in the logs.
About GoodLeap
GoodLeap is a technology company providing financing and software for sustainable home solutions like solar, batteries, HVAC, roofing, windows, and more. Their platform has driven more than $30 billion in financing since 2018, helping over 1 million homeowners access cleaner, more efficient upgrades. They also support GivePower, a nonprofit delivering clean water and electricity systems globally.
Schedule
- Full-time
- Remote (US) with location options including San Francisco, CA; Roseville, CA (HQ); Lehi, UT; West Palm Beach, FL; Irvine, CA
- Bonus eligible (in addition to base salary)
- Salary range: $146,000 to $170,000 per year
What You’ll Do
- Lead and contribute to security and fraud monitoring, detection, and response, including investigations and threat hunting
- Build incident response playbooks for specific scenarios and help refine IR processes
- Identify misuse and abuse cases across enterprise systems and implement detection strategies for them
- Design and build the monitoring, detection, and response platform, including tool selection, integration, and daily operations (SIEM, SOAR, EDR, agentic SOC)
- Develop and support components of the security analytics platform
- Support embedded product security teams by implementing monitoring and detection for products and services
- Support broader security operations work, including vulnerability management and tooling management
- Collaborate across product, engineering, IT, and business teams to drive security outcomes and technical decisions
What You Need
- Strong communication skills and comfort leading technical architecture discussions with both technical and non-technical audiences
- Deep experience in security event management, monitoring, threat hunting, incident response, playbook creation, and orchestration/automation
- Experience with threat modeling methodologies
- Strong experience with EDR platforms (CrowdStrike, SentinelOne, Palo Alto Cortex EDR, or similar)
- AWS experience including services like KMS, S3, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (GCP/Azure is a plus)
- Experience designing, configuring, and implementing monitoring for core enterprise systems (ERP, HCM, Salesforce, etc.)
- Practical CI/CD and DevOps experience, including IaC tools (Terraform, Pulumi, CDK), GitHub/GitHub Actions, artifact and secrets management (Doppler, HashiCorp Vault)
- Ability to write automation scripts in multiple languages and integrate with REST/GraphQL APIs to orchestrate workflows across security and SaaS tooling
- Understanding of human and non-human identity management plus common auth standards and use cases
- Experience overseeing vulnerability and threat management across platform and application layers
- Familiarity with penetration testing and red team exercises, including manual verification and lateral movement concepts
- Comfort partnering with vendors and participating in design partnerships
- Curiosity and willingness to learn new technologies, including AI/ML tooling use cases
Benefits
- Remote work options with multiple location hubs available
- Competitive salary range: $146,000 to $170,000 per year
- Bonus eligibility (role may qualify)
- Mission-driven company with cross-functional security influence
This is not a “watch the dashboard” job. It’s a “build the dashboard, wire the automations, and run the response” job, so if you want impact, move on it.
If you’re ready to own detection and response at scale, this one’s worth a serious look.
Happy Hunting,
~Two Chicks…