Drive continuous improvement within SNOC security operations by identifying opportunities to enhance monitoring, response workflows, automation, and operational efficiency
Serve as the primary escalation point for complex security incidents, providing advanced technical analysis and resolution support to the SNOC engineering team.
Support the development and maintenance of operational documentation including security runbooks, incident response procedures, investigation guides, and knowledge base articles.
Identify and analyze potential security risks, vulnerabilities, and suspicious activity across network, system, endpoint, identity, and cloud environments, recommending remediation actions.
Assist in strengthening security monitoring capabilities by improving detection logic, tuning alerts, and contributing to SIEM analytics rules and automation workflows.
Provide mentorship and technical guidance to junior SNOC engineers during investigations, troubleshooting, and incident response activities.
Support security compliance initiatives by ensuring operational activities, incident investigations, and response actions are properly documented to support audits and reporting.
Participate in validation and testing of incident response procedures, disaster recovery plans, and operational readiness exercises.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or related field preferred (or equivalent experience).
Preferred professional certifications:
GIAC (GCIH, GCIA, GCFA)
CompTIA CySA+ or CASP+
Microsoft Certified: Azure Security Engineer Associate
AWS Certified Security – Specialty
Cisco CCNP or equivalent
Advanced knowledge of security operations, incident investigation, and threat detection methodologies.
Experience with SIEM and security monitoring platforms such as Microsoft Sentinel, Wazuh, SentinelOne, or similar technologies.
Strong understanding of networking fundamentals, endpoint security, identity protection, and cloud security environments (Azure, AWS, or similar).
Experience performing advanced log analysis, threat hunting, and alert triage across multiple telemetry sources.
Ability to troubleshoot complex security issues and provide leadership during high-severity operational events.
Strong written and verbal communication skills for both internal operational documentation and client-facing discussions.
Experience improving security monitoring through detection engineering, alert tuning, and security automation.
Familiarity with security frameworks, compliance standards, and operational security best practices.

Benefits

Medical, Dental & Vision Coverage
Life Insurance
401(k) with company match
“You Pick a Day” paid holiday
FSA & HSA options
Pet Insurance
…and more!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security operationsincident investigationthreat detectionlog analysisthreat huntingalert triagedetection engineeringsecurity automationremediation actionsnetwork security

Soft Skills

mentorshiptechnical guidancetroubleshootingleadershipcommunication

Certifications

GIAC GCIHGIAC GCIAGIAC GCFACompTIA CySA+CompTIA CASP+Microsoft Certified: Azure Security Engineer AssociateAWS Certified Security – SpecialtyCisco CCNP