Security Operations Engineer
Full-time, Mid-Senior Level

Job Overview
This role will monitor, detect, analyze, and respond to security threats across the enterprise environment. You will work closely with the threat intelligence, incident response, and engineering teams to protect the organization's infrastructure, data, and customers. The ideal candidate has solid SOC experience, a strong technical foundation in security tooling, and a proactive mindset toward identifying and mitigating risk.
Responsibilities:
- Monitor security events and alerts across SIEM, EDR, IDS/IPS, and cloud security platforms in real time
- Triage, investigate, and respond to security incidents following established incident response procedures and playbooks
- Perform root-cause analysis on security events and document findings, containment actions, and remediation steps
- Develop, tune, and maintain detection rules, correlation queries, and alerting logic to reduce false positives and improve signal fidelity
- Conduct threat hunting activities using threat intelligence feeds, MITRE ATT&CK framework, and behavioral analytics
- Collaborate with IT, DevOps, and infrastructure teams to remediate vulnerabilities and harden systems and configurations
- Manage and operate security tools including SIEM (Splunk, Microsoft Sentinel, or similar), EDR (CrowdStrike, SentinelOne, or similar), and vulnerability management platforms
- Support the development and continuous improvement of security operations runbooks, playbooks, and standard operating procedures
- Participate in tabletop exercises, red team/blue team engagements, and incident simulations
- Track and report on security metrics, key risk indicators (KRIs), and SOC performance to leadership
- Assist with forensic investigation of compromised endpoints, accounts, or network segments
- Stay current on the evolving threat landscape and proactively share intelligence with the security team