Trusted by customers. Loved by team members. The smarter way to career.
SOC Engineer
Location
United States
Posted
114 days ago
Salary
$83.7K - $161.8K / year
Seniority
Mid Level
Job Description
SOC Engineer
Mercury Insurance
• Monitor security tools & systems: Analyze logs, alerts, and data for suspicious activity. • Investigate potential threats: Determine if alerts are real incidents and identify vulnerabilities. • Supervise all Incident/Security issues, including preliminary triage, troubleshooting and remediation. • Gather evidence: Collect and analyze evidence to understand incident scope and impact. • Contain the threat and remediate vulnerabilities: Quickly contain the incident to minimize damage, and implement patching, configuration changes, or other measures to address the exploited vulnerabilities. • Recover from the incident and report to management: Assist in restoring affected systems and data to their normal state, and keep management informed about security incidents and response efforts. • Documentation: Document findings for future reference and improvement, including process roadmaps, change management validations, and user/system impacted incident management and resolutions.
Job Requirements
- Minimum: BS degree in Computer Science, Information Technology, related field; and/or equivalent combination of education or work experience
- Preferred: GIAC Security Essentials Certification
- GIAC Security Leadership Certification
- ISACA Certified Information Security Manager
- Microsoft Certified Systems Engineer: Security
- (ISC)2 SCCP
- (ISC)2 CISSP
- (ISC)2 ISSAP
- CCSK4
- Minimum: 2-4 years of 24x7x365 Security Operations experience and related technologies
- Preferred: 5 or more years of 24x7x365 Security Operations and related technologies
- Understanding of IT infrastructure and networking: This includes knowledge of operating systems, network protocols, and basic infrastructure components.
- Familiarity with common security threats, vulnerabilities, and mitigation strategies like firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM tools.
- Ability to write basic scripts to automate tasks and generate reports.
- Understanding of established processes for handling security incidents, including containment, eradication, and recovery.
- Proficiency in using the specific security tools and software typically employed by a security organization.
- Communication skills competent for technical and non-technical audiences, including reporting incidents to management and collaborating with other IT teams
Benefits
- Competitive compensation
- Flexibility to work from anywhere in the United States for most positions
- Paid time off (vacation time, sick time, 9 paid Company holidays, volunteer hours)
- Incentive bonus programs (potential for holiday bonus, referral bonus, and performance-based bonus)
- Medical, dental, vision, life, and pet insurance
- 401 (k) retirement savings plan with company match
- Engaging work environment
- Promotional opportunities
- Education assistance
- Professional and personal development opportunities
- Company recognition program
- Health and wellbeing resources, including free mental wellbeing therapy/coaching sessions, child and eldercare resources, and more
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
• Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments • Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms • Participate in SOC on-call rotation and serve as escalation point for high-severity incidents • Lead complex investigations across endpoint, cloud, SaaS, and identity environments • Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation • Conduct proactive threat hunting to identify gaps in detection coverage • Drive continuous improvement of playbooks, runbooks, and case management standards • Build custom security tooling to improve alert enrichment, investigation, and response • Develop integrations between security tools and internal systems via APIs • Automate repetitive investigative workflows and containment actions • Improve signal quality and reduce false positives across the stack • Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments • Serve as the technical escalation point for high-severity incidents • Lead complex investigations and root cause analysis • Improve and mature incident response playbooks and processes • Conduct post-incident analysis and drive systemic improvements • Raise the technical bar within the SOC through mentorship and code/detection review • Establish standards for detection quality and investigation rigor • Partner closely with AppSec, Infrastructure Security, IT, and Engineering • Help shape the SOC and detection engineering roadmap
• SIEM Platform Management • Log Source Integration • Content Development and Optimization • Performance Monitoring and Optimization • Documentation and Reporting • Security Incident Response • Client Engagement and Advisory • Collaboration and Support • Continuous Learning and Threat Awareness
• Monitor security events and logs from a variety of systems and networks in Datadog • Identify potential security incidents and threats • Perform analysis and investigations, correlating events and data to detect security incidents • Develop, document, and evolve processes and procedures for responding to security incidents • Provide technical guidance, training, and support to other members of the security team • Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures • Work independently with customers on implementations and remote services • Troubleshoot basic configuration/script issues • Attend requirements review and validation sessions as needed • Utilize strong written and verbal communication skills • Stay on time and on task with assigned customer work
Senior Security Operations Center (SOC) Analyst
RapDevDatadog Premier Partner | ServiceNow Elite Partner
• Monitor security events and logs from a variety of systems and networks in Datadog • Identify potential security incidents and threats • Perform analysis and investigations, correlating events and data to detect security incidents • Develop, document, and evolve processes and procedures for responding to security incidents • Provide technical guidance, training, and support to other members of the security team • Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures • Work independently with customers on implementations and remote services • Troubleshoot basic configuration/script issues • Attend requirements review and validation sessions as needed • Utilize strong written and verbal communication skills • Stay on time and on task with assigned customer work
