[Remote] Security Operations Engineer
Note: The job is a remote job and is open to candidates in USA. Tokio Marine HCC, through its incident response firm Vector3, is seeking a Security Operations Engineer to provide technical and operational support for their MDR customers. The role involves incident investigation, technical troubleshooting, compliance reviews, and operational security initiatives to ensure timely support and guidance for customers.
Responsibilities
- Review and investigate MDR alerts requiring customer follow-up
- Support incident validation, scoping, and remediation activities
- Conduct log analysis and security investigations
- Assist customers with containment and recovery validation
- Document investigative findings and recommendations
- Support deployment and administration of Sophos MDR technologies
- Assist with endpoint onboarding, integrations, and configuration activities
- Troubleshoot technical issues involving MDR platforms
- Validate policy configurations and security controls
- Maintain technical documentation and operational runbooks
- Support Cyber Hygiene assessments and compliance reviews
- Assist with security maturity evaluations
- Review customer environments for security improvement opportunities
- Provide technical recommendations aligned to security best practices
- Work closely with TAMs on customer engagements
- Coordinate with Sophos MDR teams during investigations
- Support DFIR personnel during escalated incidents
- Participate in service improvement initiatives
Skills
- Minimum 4 Year Bachelors Degree in Cyber security, Computer Science, information Technology related degree
- 3+ years in security operations, cybersecurity engineering, SOC operations, incident response, or IT security
- Knowledge of Microsoft 365, Google Workspace, endpoint security, network security technologies, log analysis, and security investigation methodologies
- Strong troubleshooting and analytical skills
- Experience supporting MSSP, MDR, or SOC environments
- Familiarity with NIST CSF, CIS Controls, and common compliance frameworks
- Experience supporting Microsoft Defender, Sophos, CrowdStrike, SentinelOne, or similar platforms
- Strong analytical and investigative mindset
- Excellent technical troubleshooting skills
- Ability to effectively communicate technical and security concepts to both technical and non-technical audiences in English
- Detail-oriented and process-driven
- Collaborative team player
- Spanish bi-lingual encouraged to apply
- Security+, CySA+, SC-200, Sophos Engineer, or similar certifications a plus
- Professional proficiency in Spanish (written and verbal) with the ability to communicate technical and security concepts to Spanish-speaking customers
Benefits
- Competitive salary and employee benefit package
- Strong learning culture
- Growth perspectives
- 6% 401K match
- 20 days of PTO and 2 Floating Days
- Paid parental leave
Company Overview
Company H1B Sponsorship