Sporty Group

Sporty Group is a global consumer internet and media organization that specializes in digital and linear sports broadcasting, offering its leading free-to-air platform, SportyTV, which engages millions of users across multiple countries and continents.

Media
51-250
Founded 2013

Description

  • Tune EDR, SIEM, and XDR detections to reduce false positives and improve alert quality.
  • Build and maintain detection rules, correlation searches, dashboards, watchlists, and response workflows.
  • Translate Red Team, Purple Team, incident, and threat intelligence findings into repeatable defensive checks.
  • Validate EDR policies, prevention rules, logging, sensor health, and response actions.
  • Review noisy alerts and tune thresholds, exclusions, lookups, entity context, and suppression logic.
  • Support SOC analysts with clear alert descriptions, triage steps, severity logic, and escalation guidance.
  • Improve log coverage, parsing, field normalization, enrichment, and data quality.
  • Map detections to MITRE ATT&CK where useful.
  • Write portable detection content using formats such as Sigma.
  • Track detection gaps, false positive trends, alert health, and platform performance.

Requirements

  • Experience tuning EDR, SIEM, XDR, or SOC monitoring platforms.
  • Strong understanding of endpoint, identity, cloud, network, and web attack behaviors.
  • Practical experience writing detection logic in KQL, SPL, EQL, Lucene, Sigma, YARA, or similar.
  • Familiarity with MITRE ATT&CK mapping and detection coverage analysis.
  • Ability to turn Red Team, Purple Team, and incident findings into clear detection logic.
  • Experience reducing false positives through rule tuning, exceptions, automation, and better entity context.
  • Strong scripting ability in Python, PowerShell, Bash, or similar.
  • Good understanding of SOC workflows, incident triage, escalation, and response playbooks.
  • Strong documentation skills.
  • Experience with any of the following technologies: Microsoft Defender XDR, CrowdStrike Falcon, SentinelOne, Microsoft Sentinel, Splunk Enterprise Security, Elastic Security, Google SecOps, Sigma, YARA, KQL, SPL, EQL, Lucene, Python, PowerShell, Bash, MITRE ATT&CK, Atomic Red Team, Caldera, Vectr, TheHive, Jira, Confluence, GitHub, GitLab, osquery, Sysmon, Zeek, Suricata, AWS CloudTrail, GuardDuty, Azure, Entra ID, Google Workspace, Okta, Cloudflare, Kubernetes logs.

Benefits

  • Remote-first work environment.
  • Competitive salary with individual performance-based quarterly bonuses.
  • 28 days of paid annual leave.
  • Core working hours from 10am-3pm in your local time zone, with flexibility outside those hours.
  • Referral bonuses and flash bonuses.
  • Top-of-the-line equipment.
  • Annual company retreats with networking opportunities.
