Arch Capital Group Ltd offers a robust benefits package and a remote-friendly work setup for a Senior Security Engineer. This role is based in Greensboro, NC with remote options, and centers on protecting enterprise systems, data, and cloud environments through advanced security engineering, threat detection, and AI driven capabilities. You will lead investigations and advance detection and response using automation and AI.
Benefits
- Medical plans including dental, vision, and prescription drug coverage
- 401k with generous matching
- PTO beginning at 20 days per year
- Up to 12 paid company holidays per year
- 2 paid days of Volunteer Time Off
- Basic Life and AD&D Insurance
- Short and Long-Term Disability
- Paid Parental Leave up to 10 weeks
- Student Loan Assistance and Tuition Reimbursement
- Backup Child and Elder Care
Overview
As a Senior Security Engineer, you will protect enterprise systems, data, and cloud environments from evolving cyber threats. The role emphasizes advanced security engineering, threat detection, and AI driven security capabilities. You will serve as a senior technical resource, leading complex investigations and boosting detection and response through automation and AI.
Why this role
The position offers the chance to shape next generation security capabilities, including AI driven detection, automation, and cloud security, while tackling high impact enterprise challenges. This remote role is open to candidates across the United States, with a preference for those located near Arch office.
Responsibilities
- Design and deploy agentic AI workflows and autonomous playbooks to automate Tier 1/2 alert triage, context enrichment, and incident response
- Develop and fine tune detection logic across SIEM, EDR/XDR, and cloud platforms with emphasis on behavioral analytics and anomaly detection
- Use Python to build custom security tools, integrate disparate security APIs, and maintain reusable codebases for security orchestration (SOAR)
- Lead threat hunting initiatives and serve as a Tier 3 escalation resource for complex, high severity incidents
- Analyze attacker TTPs and map coverage against the MITRE ATT&CK framework to proactively close gaps
- Secure cloud environments (AWS, Azure, or GCP) with a focus on auditing, monitoring, and protecting production AI/LLM pipelines and workloads
- Mentor junior team members, conduct code reviews for automation scripts, and promote robust software engineering practices within the security team
Requirements
- 7+ years of cybersecurity experience with a focus on security or detection engineering
- 3+ years in a Senior Security Engineer role
- Deep technical knowledge of incident response, threat hunting, and adversary TTPs
- Experience implementing and managing detection logic across enterprise SIEM, EDR/XDR, or cloud-native security tools
- Experience securing and monitoring cloud infrastructure (AWS, Azure, or GCP)
- Proficiency building functional tools in Python or PowerShell, interacting with REST APIs, and writing clean, structured code; experience with Git and CI/CD pipelines is preferred
- Bachelor’s degree in Computer Science, Cybersecurity, or Engineering
Technologies
- Python, PowerShell
- REST APIs
- Git, CI/CD pipelines
- AWS, Azure, GCP
- SOAR, SIEM, EDR/XDR
- MITRE ATT&CK, AI/LLM pipelines