Own Tier 2 escalations across endpoints, identity & access, collaboration tools, and core services—balancing fast resolution with long-term quality.
Investigate root causes of recurring issues and design durable fixes that prevent repeat incidents (vs. one-off workarounds).
Develop secure configuration standards and baselines spanning endpoints, GenAI, orchestration, and SaaS/cloud infrastructure, and iterate on them to support scale and reliability.
Shape incident/problem/change practices by proposing safe changes with clear rollback plans and improving how the team learns from incidents.
Create operational documentation (knowledge base articles, runbooks, reusable patterns) that reduces escalations and uplevels the service desk.
Triage and investigate security alerts in EDR/SIEM/SOAR, escalate effectively, and coordinate the response from containment through recovery using playbooks with clear timelines.
Build and improve automations and analytics (GenAI/ML workflows, scripts/APIs, dashboards) to streamline tasks like alert enrichment, ticket routing, lifecycle changes, remediation flows, and ongoing operational reporting.
Partner on vulnerability and patch management by prioritizing issues, tracking remediation to SLAs, and verifying closure in measurable ways.
Requirements
2+ years of experience with Python (or similar scripting languages) and APIs.
Strong troubleshooting skills across endpoints, identity/access, and collaboration platforms; owning issues through to resolution.
Hands-on SecOps exposure using tools like EDR/SIEM/SOAR for alert triage, investigation, and incident handling (or closely related experience with the ability to ramp fast).
Data and analytics mindset with comfort pulling, cleaning, and analyzing operational data (tickets, alerts, logs) to guide decisions.
Automation capability using scripting (Python or similar), APIs, and/or orchestration—building safe, auditable workflows that may leverage GenAI/ML for enrichment or decision support.
Clear communicator who stays calm under pressure, comfortable navigating ambiguity and proposing structured solutions.
Demonstrated curiosity and learning agility, with interest in growing across IT, security, and data/automation.