Aledade, Inc. is a public benefit corporation focused on empowering independent primary care. They are seeking a Senior SOC Security Engineer to lead the design and implementation of security monitoring and incident response technologies, while also mentoring junior analysts and engineers.
Responsibilities:
- Engineer and implement security solutions that enhance the SOC’s ability to prevent, detect, and respond to security incidents across cloud environments (AWS, GCP and Azure)
- Incident Response & Threat Hunting: Lead investigations into complex security incidents, perform root cause analysis, and proactively hunt for threats using frameworks such as MITRE ATT&CK
- Develop and maintain detailed incident response playbooks and procedures, ensuring alignment with industry best practices
- Provide expert analysis of security events, correlating data from various sources (network, endpoint, application) to gain a holistic view of potential threats
- Assist in containment and remediation strategies for cyber incidents, coordinating with internal teams to ensure swift resolution
- Mentor and provide guidance to junior SOC engineers and analysts, helping them develop their technical skills and grow in their roles
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Minimum of 7 years of hands-on experience in cybersecurity, with a strong focus on SOC engineering, threat detection, and incident response
- Expertise in managing and optimizing SIEM platforms (e.g., Sumo Logic), EDR tools, IDS/IPS, and firewalls
- Deep knowledge of networking, security protocols, and cloud platforms (AWS, Azure)
- Hands-on experience in threat intelligence, threat hunting, and advanced log analysis for incident detection and response
- Understanding of security frameworks and methodologies, such as MITRE ATT&CK, NIST, ISO 27001, or CIS Controls
- Familiarity with cloud security tools and techniques for monitoring and securing workloads in AWS, Azure, or GCP environments
- In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management tools
- Experience working with cloud security technologies (AWS, Azure, GCP), including monitoring, logging, and incident response in cloud environments
- Experience in developing and deploying automation scripts (e.g., Python, PowerShell) to perform routine tasks such as log analysis, threat detection, and incident response
- Ability to act as the technical lead in investigating, analyzing, and responding to complex security incidents and remediation efforts
- Experience in evaluating new security technologies and making recommendations to enhance the organization's defensive capabilities
- Hands-on experience in malware analysis, reverse engineering, and digital forensics
- Experience in advanced log and network traffic analysis to identify security incidents, trends, and anomalous behaviors
- Certifications such as CISSP, GCIH, GCIA, CEH, OSCP, or GIAC are preferred