Senior Security Engineer

Company Description

Guardant Health is a leading precision oncology company focused on guarding wellness and giving every person more time free from cancer. Founded in 2012, Guardant® is transforming patient care and accelerating new cancer therapies by providing critical insights into what drives disease through its advanced blood and tissue tests, real-world data and AI analytics. Guardant tests help improve outcomes across all stages of care, including screening to find cancer early, monitoring for recurrence in early-stage cancer, and treatment selection for patients with advanced cancer. For more information, visit guardanthealth.com and follow the company on LinkedIn, X (Twitter) and Facebook.


Position Summary:

The Senior Security Engineer, reporting to the Associate Director of Security Engineering, will be responsible for designing, building, and operating Guardant Health's security logging, detection, and response capabilities. This role is highly focused on security data engineering, SIEM architecture, detection engineering, and incident response, with a strong emphasis on cloud and endpoint visibility.
You will be a hands-on technical leader working across SOC and Security Engineering disciplines to evolve how Guardant Health detects and responds to threats. This role offers the opportunity to wear many hats - from building scalable logging pipelines and modernizing our SIEM, to crafting high-fidelity detections and responding to real-world incidents. You'll also help shape our emerging strategy around AI-powered defense, including how we securely log, monitor, and assess AI and agent activity across the enterprise.

Essential Duties and Responsibilities:

• Design, build, and operate scalable security logging and data pipelines for on-prem, cloud, endpoint, identity, and SaaS platforms.
• Serve as the SIEM subject matter expert, including architecture, onboarding of new log sources, data normalization, performance tuning, and cost optimization and regulatory requirements.
• Develop and maintain high-fidelity threat detection content, including rules, analytics, and behavioral detections across endpoint, cloud, and identity data.
• Own and enhance detection engineering workflows, including testing, tuning, false-positive reduction, and coverage analysis.
• Manage and optimize EDR tooling (e.g., CrowdStrike), including telemetry ingestion, detections, response actions, and integrations with the SIEM.
• Support and participate in incident response, including investigation, containment, eradication, and post-incident reviews.
• Build dashboards, metrics, and reports to measure detection coverage, SOC effectiveness, and security posture.
• Monitor and help secure AWS and cloud-native environments, including CloudTrail, VPC Flow Logs, workload logs, and SaaS integrations.
• Evaluate and implement AI-assisted security capabilities for defense and detection, while also defining how AI systems, agents, and usage are logged, monitored, and assessed for risk.
• Develop documentation, runbooks, and operational playbooks for SOC and security engineering workflows.
• Partner closely with IT, cloud, infrastructure, threat & vulnerability, and security architecture teams.
• Mentor junior engineers and provide technical leadership within the SOC and security engineering functions.
• Stay current on emerging threats, detection techniques, attacker tradecraft, and security data engineering best practices.

Required Qualifications:

• 5+ years of experience in security engineering, security operations, or detection engineering.
• Deep hands-on experience with SIEM platforms, including building detections and managing large-scale log ingestion.
• Strong experience migrating or modernizing SIEM and logging architectures.
• Proven experience with EDR platforms, preferably CrowdStrike.
• Have led SIEM migrations, including planning, data model mapping, detection parity, and validation.
• Strong background in threat detection and incident response within a SOC environment.
• Experience designing and operating security logging pipelines at scale.
• Hands-on experience securing AWS and cloud environments.
• Experience working with identity and access logs, including Okta.
• Understanding of AI and machine-learning use cases in security, including detection, automation, and governance considerations.
• Strong written and verbal communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.

Preferred Qualifications

• Experience with detection engineering frameworks (e.g., MITRE ATT&CK).
• Experience building SOAR or response automation.
• Experience in healthcare, biotech, or other regulated environments.
• Security certifications such as CISSP, GIAC, GCED, GCIA, or cloud security certifications.

AI & Digital Fluency

• Demonstrate curiosity, sound judgment, and the ability to critically evaluate and responsibly leverage AI-enabled tools in accordance with company policies, ethical standards, and regulatory requirements to improve the efficiency, effectiveness, and quality of work.

Hybrid Work Model: This section is applicable to onsite employees who are eligible for hybrid work location as specified by management and related policies. Guardant has defined days for in-person/onsite collaboration and work-from-home days for individual-focused time. All U.S. employees who live within 50 miles of a Guardant facility will be required to be onsite on Mondays, Tuesdays, and Thursdays. We have found aligning our scheduled in-office days allows our teams to do the best work and creates the focused thinking time our innovative work requires. At Guardant, our work model has created flexibility for better work-life balance while keeping teams connected to advance our science for our patients.


The annualized base salary ranges for the primary location and any additional locations are listed below. This range does not include benefits or, if applicable, bonus, commission, or equity. Each candidate's compensation offer will be based on multiple factors including, but not limited to, geography, experience, education, job-related skills, job duties, and business need.Primary Location: Palo Alto, CAPrimary Location Base Pay Range: $130,300 - $179,200Other US Location(s) Base Pay Range: $110,755 - $152,320If the role is performed in Colorado, the pay range for this job is: $117,270 - $161,280

Employee may be required to lift routine office supplies and use office equipment. Majority of the work is performed in a desk/office environment; however, there may be exposure to high noise levels, fumes, and biohazard material in the laboratory environment. Ability to sit for extended periods of time.

Guardant Health is committed to providing reasonable accommodations in our hiring processes for candidates with disabilities, long-term conditions, mental health conditions, or sincerely held religious beliefs. If you need support, please reach out to View email address on click.appcast.io

A background screening including criminal history is required for this role. GH will consider qualified applicants with criminal arrest or conviction histories in a manner consistent with applicable law including but not limited to the LA County Fair Chance Policies and the Fair Chance Act (Gov. Code Section 12952).

Guardant Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

All your information will be kept confidential according to EEO guidelines.

To learn more about the information collected when you apply for a position at Guardant Health, Inc. and how it is used, please review our Privacy Notice for Job Applicants .

Please visit our career page at: