SOC Automation Quality Engineer

About Dropzone AI


Dropzone AI is the leader in the AI SOC Analyst category and is trusted worldwide by security teams at companies like UiPath, Zapier, and Indiana Farm Bureau to automate tedious, repetitive tasks. Our platform autonomously investigates alerts 24/7, integrates seamlessly with existing security tools, and delivers decision-ready investigation reports. Dropzone AI eliminates alert fatigue and accelerates incident response, empowering security teams to address real threats proactively without adding headcount. No playbooks, no code, no prompts - just streamlined security operations. Dropzone AI is a 2024 Gartner Cool Vendor for Modern Security Operations and is featured in the Gartner Hype Cycle for Security Operations 2025. The Dropzone AI team is thrilled to be recognized in the AI Agent Category as an RSA Innovation Sandbox 2024 Finalist, a Madrona IA40 Intelligent Applications Winner, a CB Insights AI 100 2025 winner, and a 2025 CyberShark Pitch Competition Finalist. Learn more at www.dropzone.ai.


About the role

As a SOC Automation Quality Engineer at Dropzone AI, you will be the gatekeeper of investigation excellence in our AI-driven SOC platform. You will ensure that every investigation meets rigorous standards for accuracy, completeness, and actionable insight. Partnering closely with our SOC Automation Lead, you will transform raw investigation data into trends and a roadmap for continuous improvement. Your work will directly influence our product’s ability to scale securely and intelligently for customers of every size.

You will balance deep technical scrutiny with a passion for making AI-powered SOC workflows measurably better. By deconstructing your security-triage expertise into defined, repeatable processes, you will drive consistency and scalability across investigations. Collaboration with Engineering, Product, and Customer Success teams will turn QC findings into prioritized issues, implementation guidance, and process enhancements.

What you'll do

  • Review AI-driven investigations end-to-end, grading them against a defined rubric, and logging defects for remediation.
  • Identify trends and root causes of issues across real investigation data, building defect taxonomies that inform our automation roadmap.
  • Collaborate with Engineering and the SOC Automation Lead to prioritize and test quality-improvement initiatives.
  • Propose and document prompt-engineering or configuration tweaks that eliminate recurring errors.
  • Validate system changes through metrics such as MTTC, precision, and recall, closing the feedback loop with evidence.
  • Serve as a security SME for Engineering and Customer Success, clarifying SOC workflows and answering triage questions.
  • Author technical blog posts on AI's impact on SecOps, as well as case studies.

What you won’t be doing

  • Live incident response or triaging production alerts.
  • Extensive backend or integration development.
  • Pager-duty or on-call rotations.
  • Building or maintaining large-scale detection-engineering logic and playbooks.

Requirements

  • Extensive experience in a SOC or security-engineering environment, with a proven ability to improve detection strategies and workflows.
  • Proficiency investigating and responding to threats across Endpoint, Identity, Network, SaaS Apps, and Cloud Infrastructure.
  • Familiarity with large language models (LLMs) and prompt-iteration workflows.
  • Working knowledge of MITRE ATT&CK, detection logic, and suppression techniques.
  • Ability to communicate technical findings effectively to diverse audiences, from engineers and analysts to executives and non-technical stakeholders.
  • Excellent written communication and feedback skills, with a constructive, detail-oriented mindset.
  • Passion for blending technical excellence, analytical rigor, and creative problem-solving to redefine modern security operations.

Nice to Haves

  • Experience designing QC rubrics, sampling methodologies, or statistical evaluation frameworks.
  • Comfort with version control systems and strong Git operations skills.
  • Proficiency with data-analysis tools (SQL, BI platforms, Python notebooks).
  • Previous contributions to open-source detection or threat-intelligence projects.
  • Experience working with LLMs in a Python / API-oriented codebase.

Research shows some groups only apply if they meet 100% of the criteria; we encourage you to apply even if your experience doesn’t perfectly match every bullet.


Work Environment/Travel

We are a 100% remote company where you will work from your home with company-provided equipment to set you up for success. The role involves semi-frequent travel to professional office settings and other events locally and nationally; some overnight travel is expected.

Compensation

In the spirit of pay transparency, we are excited to share the base salary range below, exclusive of fringe benefits or potential bonuses. If you are hired at Dropzone, your final base salary will be determined based on factors such as geographic location, skills, education, and/or experience. In addition to those factors, we believe in the importance of pay equity and consider the internal equity of our current team members as part of any final offer. Please keep in mind that hiring at the maximum of the range would not be typical, to allow for future and continued salary growth. We also offer a generous benefits package, including company-paid health insurance, 401K Plan, Self-Managed PTO, parental leave, and more.


The pay range for this role is:

140,000 - 165,000 USD per year (Remote (United States))

Engineering

Remote (United States)
