Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
RxBenefits, Inc.

Senior Security Engineer

RxBenefits, Inc.

Senior Security Engineer at RxBenefits leading SIEM platform development and incident response. Responsible for threat detection, cloud security, and operational processes in a HIPAA-regulated environment.

Posted 7/14/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $120,000 - $150,000 per yearWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in SIEM platform management, incident response lifecycle, and threat detection engineering. Proficient in automation and operationalizing threat intelligence to enhance security posture and incident response efficiency.

Highest-signal resume keywords
SIEM Platform ManagementIncident Response LifecycleDetection EngineeringAWS Security LoggingAdvanced Scripting

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Log Source OnboardingCorrelation Rule DevelopmentDetection TuningPerformance TuningIncident Response MethodologyThreat HuntingAutomation with PowerShellAutomation with PythonAutomation with BashTechnical Incident Reporting
Soft Skills
Excellent Interpersonal SkillsStrong Analytical SkillsProblem-Solving SkillsSound Judgment Under PressureEffective Communication Skills
Tools & Technologies
Sumo LogicAWS CloudTrailCrowdStrikeZscalerO365MITRE ATT&CK FrameworkEDR ToolsNetwork Security PlatformsWindows Log SourcesLinux Log Sources
Certifications & Qualifications
GCIHGCFACISSPSIEM Certification
Industry Keywords
SOC ProcessesAlert Triage WorkflowsOperational MetricsCloud InfrastructureCrisis ManagementDisaster Recovery PlansDetection StandardsRunbooksPlaybooksRoot Cause Analysis

Tech Stack

Tools & technologies
AWSCloudLinuxPython

About the role

Key responsibilities & impact
  • Own the SIEM platform end to end, including log source onboarding, correlation rule development, detection tuning, dashboarding, and platform performance and cost management.
  • Lead the full incident response lifecycle, including triage, containment, eradication, recovery, root cause analysis, and post-incident reporting.
  • Build and maintain detection content mapped to MITRE ATT&CK; conduct proactive threat hunts across cloud infrastructure, endpoints, identity systems, and network traffic.
  • Define and enforce SOC processes, including alert triage workflows, escalation paths, on-call procedures, and operational metrics such as mean time to detect and mean time to respond.
  • Manage ingestion pipelines from cloud audit logs (e.g., AWS CloudTrail), EDR, identity providers, network security platforms, and endpoint management tools into the SIEM.
  • Operationalize threat intelligence feeds into detection rules, enrichment workflows, and hunting hypotheses.
  • Develop automation for detection engineering, alert enrichment, and response playbooks to reduce manual analyst workload and speed response time.
  • Lead in and support tabletop exercises to assess and continuously improve incident response procedures, crisis management, and disaster recovery plans.
  • Correlate findings across infrastructure, application security, and identity teams during investigations, and drive permanent remediation of identified risks.
  • Produce technical incident reports and SOC posture reporting that give leadership clear visibility into detection coverage, response performance, and outstanding risk.
  • Define and enforce detection engineering standards, runbooks, and playbooks used across the security team.

Requirements

What you’ll need
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience required.
  • Cyber-specific certification required (e.g., GCIH, GCFA, CISSP, or a relevant SIEM/vendor certification).
  • Minimum of seven (7) years of IT experience, with at least four (4) years in a security engineering, SOC, or incident response role.
  • Expert-level, hands-on experience with SIEM platforms (Sumo Logic strongly preferred), including log architecture, correlation rule development, and performance tuning.
  • Working knowledge of incident response methodology (e.g., NIST 800-61) and fluency with the MITRE ATT&CK framework.
  • Strong understanding of AWS security logging and detection services (CloudTrail, GuardDuty, Security Hub) and Windows/Linux log sources; Linux required.
  • Hands-on experience investigating alerts and telemetry from EDR (e.g., CrowdStrike), network security platforms (e.g., Zscaler), and O365/identity log sources.
  • Advanced scripting and automation experience with PowerShell, Python, or Bash required.
  • Ability to work fully independently and lead multiple complex investigations and projects to completion.
  • Excellent interpersonal and communication skills (verbal and written) across all levels of the organization.
  • Strong analytical and problem-solving skills, with sound judgment under incident pressure.
  • Ability to deliver on objectives.

Benefits

Comp & perks
  • Website LinkedIn All Job Openings 1001 - 5000 employees Founded 1995 ⚕️ Healthcare Insurance 💳 Fintech 🤝 B2B 💰 Private Equity Round on 2020-12 Healthcare Insurance
  • Fintech
  • B2B RxBenefits, Inc. is a company that specializes in providing innovative pharmacy benefits solutions to employers and their employees. They focus on optimizing the management of prescription drug plans to reduce costs and improve health outcomes. Through advanced analytics and personalized member support, RxBenefits aims to transform the pharmacy benefits experience for their clients.