Senior Security Operations Engineer

1 hour, 40 minutes ago
Full-time
Senior
Cybersecurity
SWORD Health

SWORD Health provides AI-powered digital physical therapy solutions designed to prevent pain, support recovery, and enhance overall health, while also aiming to transform the rehabilitation industry through innovative technology and clinical oversight.

Health Care Providers & Services
251-1K
Founded 2015
$324M raised

Description

  • Design and continuously improve detection and alerting controls to reduce noise and improve response quality.
  • Build, test, and automate incident response playbooks and runbooks.
  • Prioritize alerts using a data-driven triage framework aligned with business impact and threat context.
  • Lead incident investigations, including root cause analysis and digital forensics, and turn findings into detection improvements.
  • Conduct threat intelligence and threat hunting to identify new TTPs and enrich security controls.
  • Own incident handling from detection through resolution in collaboration with engineering, IT, and business teams.
  • Define and maintain operational metrics for incident response and use them to drive continuous improvement.
  • Leverage AI to automate and optimize security operations workflows, including alert triage, enrichment, and incident classification.
  • Design and maintain AI-assisted runbooks with human-in-the-loop validation for critical decisions.
  • Integrate security tooling with AI platforms and APIs to streamline investigation, response, and reporting.

Requirements

  • Must be able to obtain and maintain a US Public Trust clearance.
  • Bachelor’s degree in Computer Science, Cybersecurity, or equivalent professional experience.
  • Solid experience in cloud environments such as AWS, GCP, or Azure, with strong understanding of cloud-native threats.
  • Proficiency in scripting languages such as Python and Bash for automation and tooling development.
  • Hands-on experience with SOC tools and platforms, including SIEM tools such as Splunk or Sentinel, SOAR, EDR/XDR, and log management.
  • Strong understanding of incident containment and eradication strategies and experience coordinating response with technical teams.
  • Familiarity with security frameworks and standards including NIST 800-61, CIS Controls, MITRE ATT&CK, and ISO 27001.
  • Experience with threat modeling, adversary emulation, and risk-based alert tuning.
  • Forensics experience, including investigating incidents and preserving digital evidence.
  • Ability to communicate security risks and actions to both technical and non-technical audiences.
  • Proven track record of leading cross-functional efforts in high-pressure situations.
  • Ability to foster collaboration across InfoSec, IT, and engineering teams.
  • Ability to consume and synthesize intelligence about actors, techniques, or situations to identify emerging risks.
  • Experience improving processes and operational workflows.
  • Ability to evaluate the accuracy, reliability, and security implications of AI-assisted decisions in operational environments.

Benefits

  • Competitive salary and career development opportunities.
  • Remote-first or hybrid work policy with flexible working hours.
  • Unlimited vacation / discretionary PTO plan.
  • Comprehensive health, dental, and vision insurance.
  • Equity shares.
  • 401(k) retirement plan.
  • Parental leave.
  • Health and well-being support, including free digital therapist sessions for employees and family.
  • Financial advisory services and supplemental insurance benefits.
  • Paid company holidays.
