Senior Security Operations Engineer

2 weeks, 4 days ago
Full-time
Senior
Cybersecurity
Dispel

Dispel is a leading provider of OT Zero Trust Access & Control solutions, offering secure remote access, data streaming, and asset visibility for industrial control systems and operational technology. Their intelligent tools and global support team ens...

Industrial Conglomerates
51-250
Founded 2014

Description

  • Own the end-to-end log ingestion pipeline, including identifying gaps, building feeds, validating parsing, and maintaining coverage dashboards.
  • Close federal logging gaps and stand up commercial logging across AWS, Azure, Entra ID, and SaaS platforms.
  • Configure and operate Google SecOps SOAR capabilities, including Domain-Wide Delegation, marketplace integrations, and bidirectional response actions.
  • Build and maintain SOAR playbooks for phishing, malware, account compromise, lateral movement, and cloud-specific incidents.
  • Develop operational dashboards for SOC metrics, alert volumes, MTTA/MTTR, and coverage status.
  • Build and deploy production detection rules mapped to MITRE ATT&CK, and establish the full detection lifecycle from proposal through retirement.
  • Develop custom parsers for AWS security services such as GuardDuty, Security Hub, Inspector, WAF, CloudTrail, and VPC Flow Logs.
  • Drive SentinelOne deployment across Azure VMs and federal endpoints, and operationalize Cloud Funnel log export into Google SecOps.
  • Serve as the senior escalation point for SOC incidents, ensuring thorough investigations, reporting, and follow-up actions.
  • Lead vulnerability management cadence, remediation tracking, and reporting across all environments.
  • Act as the primary technical interface for the MSSP partner and hold them accountable to SLAs, alert quality, and escalation procedures.
  • Provide day-to-day technical direction to SOC analysts by setting priorities, assigning work, reviewing deliverables, and driving OKR execution.

Requirements

  • 6+ years of experience in security operations, detection engineering, or SIEM/SOAR engineering.
  • Hands-on experience with Google SecOps (Chronicle) or an equivalent enterprise SIEM such as Splunk, Sentinel, or QRadar; Chronicle is strongly preferred.
  • Production experience with SentinelOne, CrowdStrike, or a comparable EDR platform.
  • Deep knowledge of AWS security services including GuardDuty, Security Hub, Inspector, CloudTrail, WAF, and Config.
  • Experience building detection rules mapped to the MITRE ATT&CK framework.
  • SOAR playbook development and automation experience.
  • Demonstrated ability to lead without formal authority and guide peers or junior analysts.
  • Strong incident response skills, including writing complete reports for executive and external audiences.
  • Understanding of NIST SP 800-53 controls, especially the Audit and Accountability (AU), System and Information Integrity (SI), and Incident Response (IR) families.
  • Excellent written communication skills.
  • Preferred: Experience in a FedRAMP High environment such as AWS GovCloud.
  • Preferred: Azure security experience including Defender for Cloud, Entra ID, Log Analytics, and Event Hubs.
  • Preferred: Experience managing MSSP relationships and enforcing SLAs.
  • Preferred: Background in OT/ICS security monitoring.
  • Preferred: Experience with vulnerability management tools such as Nessus, Inspector, or Defender.
  • Preferred: Previous experience in a startup or high-growth environment building SOC capabilities from early stages.
  • Preferred certifications include GCIA, GCIH, GSOM, Google Chronicle or SecOps certifications, AWS Certified Security - Specialty, CISSP, or CISM; completion of SANS SEC555 or SEC511 coursework is also valued.

Benefits

  • $136K-$155K base salary, plus equity and performance bonus eligibility depending on experience and location.
  • Full medical, vision, and dental insurance.
  • Generous PTO.
  • Remote-first culture with flexible hours.
  • Opportunity to protect critical infrastructure at scale.
  • Work with patented, cutting-edge security technology.
  • Direct ownership of SOC maturation.
  • Collaborative team with military, federal, and private sector expertise.

