Agentic SOC Developer

  • Full-time
  • Department: Information Technology

Company Description

Join a multibillion-dollar global company that brings together amazing technology, people, and operational scale to become a powerhouse in the memory industry. Headquartered in Rancho Cordova, California, Solidigm combines elements of an established, successful technology company with the spirit, agility, and entrepreneurial mindset of a start-up. In addition to the U.S. headquarters and other facilities in the U.S., the company has international presence in Asia, Europe, and the Americas. Solidigm will continue to lead the world in innovating new Memory technologies with aspirations to be the #1 NAND memory company in the world. At Solidigm, we view problems as opportunities to define innovative solutions that hold the power to change the world and unleash the potential technological needs that the future holds. At Solidigm, we are One Team that fosters a diverse, equitable, and inclusive culture that embraces individual uniqueness and empowers us to bring our best selves to deliver excellence in support of Solidigm's vision and mission to be the go-to partner for optimized data storage solutions. You can be part of the takeoff of an innovative business that develops cutting-edge products, delivers strong business value for customers, provides an engaging workplace for its employees, and serves a greater impact on the world. This is a golden opportunity for the right applicant to join us and help design, build, and lead Solidigm. We want a diverse team of dedicated professionals who will not just be Solidigm team members but contribute to how we shape the future of the organization. We are seeking applicants who will grow and thrive in our culture; be customer inspired, trusting, innovative, team-oriented, inclusive, results driven, collaborative, passionate, and flexible.

Job Description

The Agentic SOC Developer is Solidigm's embedded security builder — a Senior Engineer (IC7) who owns detection coverage strategy, builds and ships production agentic detection and response, and directly expands the capability of the SOC and managed-services partner. This role defines and enforces detection standards grounded in MITRE ATT&CK, operationalizes AI agents and automation pipelines, and governs the non-human identity and delegation lifecycle for security AI agents. This is an engineering role, not an analyst role: the person writes and deploys working code in the live environment.

KEY RESPONSIBILITIES

Define and own detection coverage strategy — establish and maintain detection standards, naming conventions, and quality criteria for the SOC. Map the threat landscape to MITRE ATT&CK TTP coverage; prioritize detection development against real adversary behaviors and threat intelligence; track coverage targets, mean-time-to-detect (MTTD), and false positive rates as operational KPIs.

Build and ship agentic detection and response — own the full lifecycle from threat use case through detections-as-code, automated triage, and production agentic response workflows. Ship working code, not designs.

Embed forward-deployed — work alongside the SOC, IR, and platform/engineering teams; deliver directly in their environment; coach MSP analysts and Solidigm engineers on agentic patterns, detection best practices, and operational hygiene. Model IC7 technical leadership: drive decisions, synthesize inputs, and mentor toward measurable growth.

Design and govern AI agent identity and delegation — architect the end-to-end lifecycle for non-human identities operating in the security environment: scoped delegation, audit logging, and kill-switch controls. Own guardrails, safety controls, and human-oversight mechanisms for production security AI agents; apply MITRE ATLAS adversarial ML techniques to threat-model agent deployments.

Architect and evolve the security data platform — own collector/forwarder architecture, log pipeline design, SIEM strategy, and detection-content portability that enable an adaptive, resilient SOC. Contribute to the technical roadmap for security data infrastructure.

Validate through adversary emulation and framework coverage — run or support purple team and adversary emulation exercises to verify detection efficacy systematically; close coverage gaps identified through testing and operational feedback. All detection work is grounded in MITRE ATT&CK (TTP mapping, kill chain coverage, gap analysis). All AI/agent security work is grounded in MITRE ATLAS (adversarial ML, AI-agent attack vectors including v5.4 agent-specific techniques). Operate within and strengthen the NIST AI RMF, OWASP Top 10 for LLM Applications, and OWASP Top 10 for Agentic AI governance gate.

Force-multiply the managed services partner — build supervised automations that expand analyst capacity under oversight — replacing L1 toil with agents and lowering cost-to-serve while maintaining Solidigm governance and visibility.

Qualifications

  • B.S. Degree in Information Security, Cybersecurity, Computer Science, Software Engineering, or related fields.
  • Advanced English level (mandatory).
  • Software development proficiency — Python preferred; API integration; infrastructure-as-code; CI/CD. This is a development role. Expected experience: 4–6+ years of relevant hands-on work.
  • Security operations fluency — detection engineering, SIEM/SOAR platforms, and incident response workflows. Comfortable owning the detection lifecycle end-to-end.
  • MITRE ATT&CK depth — TTP mapping, kill chain coverage analysis, and detection-to-technique alignment. Ability to build and maintain ATT&CK coverage heatmaps, prioritize detection development against real threat intelligence, and report on TTP coverage gaps and MTTD.
  • MITRE ATLAS depth — adversarial ML threat modeling for AI systems and agents — mapping attack techniques such as model evasion, data poisoning, prompt injection, AI supply-chain compromise, and agent-specific vectors (e.g., Publish Poisoned AI Agent Tool, Escape to Host, LLM jailbreaking). Ability to apply ATLAS to threat-model security AI agent deployments and validate guardrails against the framework's technique catalog.
  • AI/agent development experience — hands-on building with agent frameworks, RAG pipelines, or agentic orchestration in production.
  • AI security governance knowledge — NIST AI RMF; OWASP Top 10 for LLM Applications (LLM01–LLM10: prompt injection, insecure output handling, training data poisoning, model denial of service, supply chain vulnerabilities, etc.); OWASP Top 10 for Agentic AI Applications; and AI safety control design including guardrails, human oversight mechanisms, and secure orchestration.
  • Field mindset — comfortable embedding with operational teams, shipping in partner-controlled environments, and coaching across technical levels.

PREFERRED QUALIFICATIONS

  • Microsoft security stack — Defender XDR, Microsoft Sentinel (+ Data Lake), Security Copilot, Logic Apps; KQL; Azure.
  • Splunk — SPL, log forwarding, content/detection management, and index administration.
  • Agentic tooling — Model Context Protocol (MCP), Security Copilot plugins, or comparable security-native agent orchestration and connector frameworks.
  • Non-human identity (NHI) & workload identity — Entra Workload Identities, Okta, or comparable; service principal and managed-identity lifecycle.
  • SIEM migration & content portability — platform-to-platform detection migration, collector/forwarder architecture at scale.
  • Prior FDE, solutions-engineering, or detection-engineering role — embedded delivery model in enterprise security environments.

Additional Information

This position is also eligible to participate in Solidigm's restricted stock unit (RSU), restricted cash unit (RCU), and cash bonus programs. In addition, Solidigm offers a benefits package that includes medical, dental, vision, supplemental life and AD&D insurance; short- and long-term disability; healthcare and dependent care flexible spending accounts, and a company match on eligible 401(k) plan contributions.
