The IRM SecOps team is seeking a Security Operations Engineer who thrives in a lean, fast-moving environment, takes ownership of outcomes, and combines strong project-based engineering execution with hands-on detection and response expertise.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Nice to Have
Job Description
The IRM SecOps team is seeking a Security Operations Engineer who thrives in a lean, fast-moving environment, takes ownership of outcomes, and combines strong project-based engineering execution with hands-on detection and response expertise.
This position blends multiple areas of security operations, with approximately 60% focused on engineering and driving project work building, implementing, and configuring new security tools and integrations, 20% on SOC operations, including monitoring, detection tuning, and continuous improvement, and 20% on incident response and other security operations tasks, such as hands-on investigation, containment, and recovery when issues arise.
Responsibilities:
- Lead security projects end-to-end, including the build, and implementation of technical solutions.
- Implement, configure, and optimize of new tools and platforms.
- Respond to escalated security incidents, performing advanced analysis, containment, and recovery.
- Conduct proactive threat hunting and refine detection logic for improved accuracy and context.
- Implement and manage enterprise security systems, including cloud-based (AWS/Azure).
- Collaborate with IT, cloud, and development teams to strengthen security controls and visibility.
- Create and maintain detailed incident documentation, timelines, and lessons learned.
- Continuously improve playbooks, automation, and operational efficiency.
- Mentor analysts and contribute to process and capability development across the team.
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Required Qualifications
- 5+ years of experience in cybersecurity operations, security engineering, or incident response.
- Experience with Microsoft Defender XDR and CrowdStrike Falcon (deployment, configuration, and response)
- Solid knowledge of cloud security investigations and monitoring with Microsoft Azure and Amazon Web Services (AWS)
- Proficiency in Python and/or PowerShell scripting for automation and response.
- Strong understanding of detection logic, incident handling, and response workflows.
- Excellent communication and collaboration skills.
- Highly self-motivated with the ability to manage priorities and operate independently in a fast-paced environment.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
Preferred Qualifications
- Experience in consulting, finance, or technology environments.
- Familiarity with Splunk, and osquery.
- Experience with data visualization tools (e.g., Power BI).
- Certifications such as GIAC, GCFA or GCFR.
Work Environment
- On-call rotation is required for after-hours incidents.
- Occasional weekend work may be needed for critical projects or incident response.
- Remote (U.S. only) work from anywhere while staying closely connected to a small, collaborative team.
- Expect a nimble, hands-on, high-ownership culture where your contributions have visible impact.
Similar Jobs
Explore other opportunities that match your interests