Security Engineer
$125,000–$155,000 per year
Remote · Miami, Florida, United States
Job Summary
Mid-level Security Operations & Production Security Engineer to bridge security operations, detection engineering, incident response, cloud/identity security, and production readiness. Will operate and improve the security monitoring stack, support incident response, tune detections, maintain runbooks, validate security controls, coordinate with managed SOC/MDR partners, and help ensure systems are secure, observable, supportable, and ready for Day 2 operations. Role involves monitoring across Defender, Sentinel, Huntress/MDR, Wiz, Datadog, Jira, and Slack; developing and tuning detection logic; incident coordination and timelines; production security governance; cloud/identity/security posture reviews; and Day 0–Day 2 readiness. Expected to contribute to SOAR/automation efforts and mentor the Junior Analyst; strong documentation and cross-team collaboration are essential.
Required Qualifications
- 3–5 years of experience in SOC operations, security operations, production support, security engineering, or a similar hands-on cybersecurity role
- Experience with Microsoft security tools such as Microsoft Defender, Microsoft Sentinel, Microsoft Entra ID, Microsoft 365 security, or Azure security services
- Ability to investigate alerts using SIEM/EDR data, KQL, logs, endpoint telemetry, identity logs, and cloud signals
- Experience with incident triage, phishing investigations, malware alerts, suspicious sign-ins, endpoint events, and escalation workflows
- Basic understanding of cloud security, identity security, MFA, SSO, conditional access, endpoint protection, and vulnerability/cloud exposure management
- Ability to write clear documentation, incident notes, runbooks, ticket updates, and executive-ready summaries
- Comfortable working in a small team where priorities change, and the person may need to support operations, engineering, documentation, and coordination
- Strong communication skills and ability to work across Slack, Jira, Teams, security tools, managed SOC providers, engineers, and business stakeholders