TaxAct is seeking a Security Operations Engineer who thrives in a fast-moving environment and takes ownership of outcomes. The role focuses on engineering and project work for security tools, SOC operations, and incident response tasks.
Responsibilities:
- Lead security projects end-to-end, including the build, and implementation of technical solutions
- Implement, configure, and optimize of new tools and platforms
- Respond to escalated security incidents, performing advanced analysis, containment, and recovery
- Conduct proactive threat hunting and refine detection logic for improved accuracy and context
- Implement and manage enterprise security systems, including cloud-based (AWS/Azure)
- Collaborate with IT, cloud, and development teams to strengthen security controls and visibility
- Create and maintain detailed incident documentation, timelines, and lessons learned
- Continuously improve playbooks, automation, and operational efficiency
- Mentor analysts and contribute to process and capability development across the team
Requirements:
- 5+ years of experience in cybersecurity operations, security engineering, or incident response
- Experience with Microsoft Defender XDR and CrowdStrike Falcon (deployment, configuration, and response)
- Solid knowledge of cloud security investigations and monitoring with Microsoft Azure and Amazon Web Services (AWS)
- Proficiency in Python and/or PowerShell scripting for automation and response
- Strong understanding of detection logic, incident handling, and response workflows
- Excellent communication and collaboration skills
- Highly self-motivated with the ability to manage priorities and operate independently in a fast-paced environment
- Experience in consulting, finance, or technology environments
- Familiarity with Splunk, and osquery
- Experience with data visualization tools (e.g., Power BI)
- Certifications such as GIAC, GCFA or GCFR