
Healthcare Insurance • Artificial Intelligence • Education
RethinkFirst is a company dedicated to transforming behavioral health through clinical expertise, data science, and technology. By leveraging these strengths, RethinkFirst aims to empower its customers and drive improved outcomes, thereby positively impacting the lives of millions worldwide. The company provides solutions for various sectors, including schools and businesses, by supporting students and employees alike with mental health resources and tools. With substantial contributions in education, such as working with eight of the largest school districts and supporting over 3 million students, and in corporate wellness, such as reducing absenteeism for companies like Volvo, RethinkFirst utilizes AI and big data to predict patient progress and enhance clinical outcomes. Its services extend across 225 countries, significantly influencing 11 million lives globally.
October 30

• Engineering and improving the operational security foundation of the company, including automation, detection tuning, and incident readiness.
• Building scalable defenses and readiness and reinforcing a security-first culture.
• Partnering closely with the SOC partner, acting as the technical and operational bridge to ensure high-fidelity detections, meaningful escalations, and continuous reduction of alert noise.
• Designing, building, and maintaining automation workflows to eliminate manual SecOps tasks (Python, PowerShell, APIs, orchestration tools).
• Integrating data and events from multiple sources (EDR, SIEM, cloud logs, vulnerability scanners, identity systems) to enhance visibility and context.
• Developing reusable scripts, playbooks, and evidence collection automations to support compliance and incident response.
• Serving as the primary technical interface between the internal team and the managed SOC provider.
• Continuously refining alert logic, escalation paths, and severity classifications to reduce false positives.
• Reviewing and validating detections.
• Conducting after-action reviews with the SOC to improve handoffs and documentation quality.
• Leading internal investigation and response when incidents are escalated from the SOC.
• Building and maintaining playbooks and runbooks for repeatable responses.
• 8+ years of experience in SecOps, DevOps, security engineering, or software development with an automation focus in SaaS environments.
• Proficient in scripting and automation (Python, PowerShell, etc.) and integrating with APIs.
• Experience managing or collaborating with a managed security provider (MSSP/MDR/SOC).
• Strong grasp of SIEM and EDR ecosystems, including alert tuning and log analysis.
• Familiarity with cloud security (AWS, Azure) and infrastructure-as-code concepts.
• Excellent analytical, communication, and documentation skills.
• Background in software or application development before transitioning into security (preferred).
• Experience building integrations between security tools and Jira, Teams, and ticketing systems, and with CAASM tools that automate inventory, gap-detection, and enforcement (Axonius, JupiterOne) (preferred).
• Knowledge of EDR/vulnerability management tools (Tenable, Defender, CrowdStrike Falcon) (preferred).
• Experience in regulated environments (HIPAA, SOC 2, HITRUST) (preferred).
• Certifications such as CISSP, GCIH, GCIA, or an AWS or Azure security specialty are a plus (preferred).
• Generous health, dental, & vision benefits package
• Flexible paid time off
• 11 paid company holidays
• 401k + matching
• Parental leave
• Access to our award-winning RethinkCare platform supporting neurodiversity in the workplace through parental success, professional resilience, and personal wellbeing.
October 28
Manager of Security Operations Center (SOC) leading incident response and operations for a cybersecurity firm. Engaging in SOC strategies and overseeing performance for client environments.
October 23
1001 - 5000
Lead AI Developer shaping Arctic Wolf's mission to end cyber risk through innovative AI solutions. Architect agentic workflows and mentor teams in cybersecurity operations.
October 22
SecOps Observability Engineer at GuidePoint Security providing cybersecurity solutions. Evaluating security posture and collaborating with stakeholders to mitigate risks.
October 22
Senior Security Operations Engineer on Cloud and Delivery team at Jamf. Responsible for managing Azure security services, incident response, and ensuring data protection.
🇺🇸 United States – Remote
💵 $103.1k - $219.7k / year
💰 $300M Post-IPO Secondary on 2021-09
⏰ Full Time
🟠 Senior
🛡️ Security Operations
🦅 H1B Visa Sponsor
October 19
Lead SOC Analyst overseeing security operations at Live Nation Entertainment. Coordinating incident response and mentoring cybersecurity analysts across shifts.