Senior Security Operations Engineer
USD 102K-133K Senior-level Full Time
Tasks
- Analyze logs and telemetry for indicators of compromise
- Apply security patches and upgrades
- Build and optimize EDR solutions
- Collaborate on secure design and implementation
- Conduct threat hunting using SIEM telemetry
- Coordinate escalations for high severity incidents
- Design detection lifecycle in Splunk Enterprise Security
- Develop security automation with SOAR
- Document events and remediation actions
- Improve detection engineering capabilities
- Ingest Microsoft telemetry into Splunk
- Investigate security incidents
- Lead vulnerability management remediation workflows
- Mentor junior security operations team members
- Operate Microsoft security technologies
- Optimize SIEM data routing and use case placement
- Perform forensic analysis after security events
- Respond to alerts from SIEM and EDR
- Review vendor security assessments and track remediation
- Tune detections to reduce false positives
Skills/Tech-stack
AWS | Azure | Cloud Security | Defense in Depth | Detection and Response | Detection engineering | EDR | Endpoint Detection and Response | Endpoint detection | Enterprise Security | Entra ID | Firewalls | Forensics | IDS/IPS | Incident Response | Intune | KQL | Logging | Microsoft Defender | Microsoft Entra | Microsoft Entra ID | Microsoft Purview | Microsoft Sentinel | Network Security | Rapid7 InsightVM | SIEM | SOAR | SPL | Splunk Enterprise | Splunk Enterprise Security | Telemetry | Threat hunting | Vulnerability Management | WAF | XDR