Security Operations Remote Jobs in Illinois (US)

This page tracks remote security operations openings that are location-eligible for Illinois.

Open jobs

245

Hiring companies this week

Salary sample

$60,000 - $230,000

Jobs added last hour

Strict location onlyShow closed jobs

Post Date

Minimum Salary

Experience

245 Jobs

190 Companies

Senior Manager, Cybersecurity Incident Response – Security Operations

IDEX Corporation

Security Operations1 day ago

Full Time Remote SeniorTeam 5,001-10,000Since 1988H1B No Sponsor

Company Site LinkedIn

• Support enterprise incident response activities across detection, triage, containment, eradication, and recovery • Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership • Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed • Develop and maintain incident response playbooks, procedures, and standards • Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership • Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness • Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution • Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage • Establish and enforce operational standards for alert triage, escalation, and incident handling • Drive scalability and efficiency through automation, orchestration, and process optimization • Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments • Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms • Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models • Establish IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation • Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs • Improve detection fidelity through alert tuning, use case development, and false positive reduction • Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness • Partner with cybersecurity leadership to define operational roadmap, priorities, and maturity targets • Coordinate cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed • Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner • Track and communicate the status of incidents, initiatives, and key activities across teams • Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start • Promote consistent, security-first practices across IT operations and service delivery • Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs) • Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility • Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities • Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency • Support coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations • Mentor and develop team members and stakeholders in incident response practices • Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities • Contribute to development and maintenance of operational documentation and standards.

Cloud Cyber Security

View details: Senior Manager, Cybersecurity Incident Response – Security Operations

Illinois

$141.8K - $212.8K / year

Apply

GEOINT-ISAC Intern Security Operations

North American Electric Reliability Corporation

The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid. NERC develops and enforces Reliability Standards; annually assesses seasonal and long‐term reliability; monitors the bulk power system through system awareness; and educates, trains, and certifies industry personnel. NERC’s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the Electric Reliability Organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission (FERC) and Provincial authorities in Canada. NERC's jurisdiction includes users, owners, and operators of the bulk power system, which serves nearly 400 million people.

Security Operations1 day ago

Internship Remote Entry Level

Role Description The Electricity Information Sharing and Analysis Center (E-ISAC) is seeking pre-selected summer interns from the GEOINT-ISAC to support various projects for Security Operations Teams. Interns will work alongside E-ISAC subject matter experts to support intelligence and physical security projects. Potential project areas include: - Open-source research and analysis on unauthorized UAS activity. - Development of a common operating picture using geospatial analysis expertise. - Support real-time situational awareness of potential threats to the energy sector. Interns will gain exposure to real-world critical infrastructure security challenges while contributing to meaningful projects that support the industry. Qualifications - Eligibility: Applicants have already been selected through an approved internship partnership program with the Geospatial Intelligence GEOINT-ISAC – Security Resilience Internship Program (SRIP) Support. Requirements - Background check will be conducted prior to internship. - In compliance with federal law, all persons engaged for internships are required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon internship. - The E-ISAC team is based in Washington D.C. This position is remote but may be requested to travel to the NERC and E-ISAC offices as well as partner locations. - Reimbursement of travel expenses will be in accordance with the company’s travel and expense reimbursement policies. Company Description The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid. NERC develops and enforces Reliability Standards; annually assesses seasonal and long-term reliability; monitors the bulk power system through system awareness; and educates, trains, and certifies industry personnel. NERC’s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the Electric Reliability Organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission (FERC) and provincial authorities in Canada. NERC's jurisdiction includes users, owners, and operators of the bulk power system, which serves nearly 400 million people.

View details: GEOINT-ISAC Intern Security Operations

United States

Apply

SOC Analyst Tier 2

Vaultes

Security Operations1 day ago

Full Time Remote SeniorTeam 51-200H1B No Sponsor

Company Site LinkedIn

• Monitor SIEM, EDR, IDS/IPS, email security, vulnerability, and other security platforms for suspicious activity. • Triage alerts and distinguish false positives from actionable security events. • Investigate security events using log data, endpoint telemetry, network data, and threat intelligence. • Escalate incidents in accordance with severity, impact, and response procedures. • Document investigations, findings, and actions taken in ticketing/case management systems. • Support incident handling activities including containment, evidence collection, and coordination with technical teams. • Review vulnerability findings and assist with prioritization and routing to responsible teams. • Participate in shift turnover reporting and maintain accurate operational notes. • Support development and refinement of detection rules, playbooks, and standard operating procedures. • Contribute to metrics reporting such as alert volumes, escalation rates, false positives, and response timelines.

Cloud Cyber Security Linux

View details: SOC Analyst Tier 2

United States

Apply

SOC Analyst Tier 1

Vaultes

Security Operations1 day ago

Full Time Remote SeniorTeam 51-200H1B No Sponsor

Company Site LinkedIn

• Monitor SIEM, EDR, IDS/IPS, email security, vulnerability, and other security platforms for suspicious activity • Perform initial triage of alerts and identify potential false positives versus events requiring further investigation • Collect and review basic log data, endpoint telemetry, and network activity to support analysis • Escalate suspected security incidents to Tier II/III analysts in accordance with defined procedures • Document alerts, actions taken, and relevant details in ticketing/case management systems • Follow established playbooks and standard operating procedures for alert handling • Support incident response activities by gathering information and coordinating with senior analysts as needed • Assist with vulnerability findings review and route issues to appropriate teams • Participate in shift turnover reporting and maintain accurate operational notes • Contribute to maintaining accurate documentation and knowledge base articles • Other responsibilities as assigned

Cyber Security

View details: SOC Analyst Tier 1

United States

$60K - $80K / year

Apply

SecOps Engineer

Lido Finance

The easiest way to stake.

Security Operations2 days ago

Full Time Remote SeniorTeam 51-200Since 2020H1B No Sponsor

Company Site LinkedIn

• Develop secure systems to protect Lido Protocol, DAO, applications, contributors, partners, and stakers. • Define processes, systems, and applications to make attacks difficult to execute and easy to detect. • Embed security practices and tools within the development pipeline. • Develop and maintain incident response plans and playbooks. • Perform regular vulnerability assessments and penetration testing. • Lead or participate in incident response activities, including investigation, containment, eradication, and recovery. • Monitor security alerts and incidents to identify and respond to threats promptly. • Collaborate with development and operations teams to ensure security is incorporated from design to deployment and maintenance. • Provide training and support on security tools and techniques, emphasizing soft skills like communication, negotiation, and influence.

Ansible Docker JavaScript Kubernetes Python Terraform Web3 Go

View details: SecOps Engineer

Worldwide

Apply

Project Coordinator - Security Operations

Continuity Global Solutions

Security Operations3 days ago

Full Time Remote Mid Level

Role Description Continuity Global Solutions is seeking a highly organized, detail-oriented, and proactive Project Administrator to support the Senior Vice President of Operations and assist with the coordination and administration of multiple international projects performed on behalf of the U.S. Government. This position will serve as a critical link between operations, finance, and project management teams. The ideal candidate possesses exceptional written and verbal communication skills, and thrives in a fast-paced environment requiring strong organizational abilities, attention to detail, and the ability to manage multiple priorities simultaneously. - Provide direct administrative support to the Senior Vice President of Operations. - Manage calendars, meetings, travel arrangements, and scheduling across multiple time zones. - Draft, proofread, and edit professional correspondence, documents, and operational reports. - Maintain confidential records and sensitive company information. - Assist in the planning, coordination, and execution of domestic and international projects. - Track project milestones, deliverables, staffing requirements, and deadlines. - Maintain project documentation, databases, and operational records. - Maintain staffing trackers, deployment schedules, and personnel records. - Coordinate candidate documentation and onboarding requirements. - Assist with project budget tracking and financial reporting. - Monitor project expenditures and compare actual costs against approved budgets. - Prepare budget summaries, expense reports, and financial tracking spreadsheets. - Coordinate with accounting and finance personnel regarding invoices, purchase orders, and project-related expenses. - Support forecasting and budget planning activities. - Prepare and track purchase requests, purchase orders, and vendor communications. - Coordinate equipment shipments and inventory tracking. - Maintain organized electronic and physical filing systems. - Perform additional duties and special projects as assigned. Qualifications - Fluency in English (written and spoken) is required. - Bachelor’s degree in Business Administration, Project Management, Finance, or a related field preferred. - Minimum of 3 years of administrative, project coordination, operations, or related experience. - Exceptional written, verbal, and interpersonal communication skills. - Strong organizational and time-management abilities. - Proven ability to manage multiple projects and deadlines simultaneously. - Advanced proficiency in Microsoft Office Suite, including Excel, Word, PowerPoint, and Outlook. - Experience maintaining spreadsheets, reports, and tracking systems. - Strong analytical and problem-solving skills. - High attention to detail and accuracy. - Ability to work independently with minimal supervision while also functioning effectively within a team environment. Preferred Qualifications - Familiarity with international operations, government contracting, or security-related projects. - Experience supporting senior executives or operational leadership. - Experience with project budgeting, financial tracking, or cost reporting.

View details: Project Coordinator - Security Operations

Worldwide

Apply

Manager, Security Operations

Figma

Figma was founded in 2012 to build a collaborative, professional-grade interface design tool for the digital age. Created specifically for interface design and

Security Operations8 days ago

Full Time Remote Lead

Company Site

Role Description Figma's Security team is growing, and we're looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you'll build and scale the systems, processes, and tooling that help protect Figma and our community. You'll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions. This is a full-time role that can be held from one of our US hubs or remotely in the United States. What you'll do at Figma: - Own Figma's security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement. - Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling. - Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity. - Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments. - Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps. - Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs. - Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents. - Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction. Qualifications - 7+ years of experience in security operations, incident response, or a related security engineering function. - Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms. - Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment. - Demonstrated success building, scaling, or significantly improving a detection and response program. - Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events. Requirements - While it's not required, it's an added plus if you also have: - Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements. - Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001. - Utilized AI-powered tools to automate security operations workflows and improve team efficiency. Benefits - Figma offers equity to employees, as well as a competitive package of additional benefits, including: - Health, dental & vision. - Retirement with company contribution. - Parental leave & reproductive or family planning support. - Mental health & wellness benefits. - Generous PTO. - Company recharge days. - Learning & development stipend. - Work from home stipend. - Cell phone reimbursement. - Sales incentive pay for most sales roles. - Annual bonus plan for eligible non-sales roles.

View details: Manager, Security Operations

United States

$185K - $296K / year

Apply

Security Operations Analyst

Huntress

Managed endpoint protection, detection and response for the 99% who need it most.

Security Operations8 days ago

Full Time Remote Mid LevelTeam 201-500Since 2015H1B No Sponsor

Company Site LinkedIn

• Triage, investigate, and respond to alerts coming in from the Huntress platform. • Perform tactical review of EDR telemetry, log sources, and forensic artifacts to determine the root cause of attacks, where possible, and provide remediations needed to remove the threat. • Perform tactical malware analysis as part of investigating and triaging alerts. • Investigate suspicious Microsoft M365 activity and provide remediations. • Assist in escalations from the Product Support team for threat-related and SOC-relevant questions. • Contribute to detection engineering creation and tuning efforts. • Contribute to projects focused on driving better outcomes for our analysts and partners • Contribute to our collaboratively mentored team (we're all here to make each other better!).

Linux MacOS

View details: Security Operations Analyst

United States

$100K - $125K / year

Apply

Staff Security Operations Engineer

Apollo GraphQL

Apollo is the GraphQL company. Our mission is to empower every developer with a graph.

Security Operations9 days ago

Full Time Remote LeadTeam 51-200H1B No Sponsor

Company Site LinkedIn

• Partner with engineering teams to conduct threat modeling and security reviews on new features and architecture changes • Establish and evolve Apollo's application security program including SAST/DAST tooling, dependency scanning, and secure coding standards • Drive security requirements into the SDLC, embedding security gates into CI/CD pipelines • Identify and remediate vulnerabilities in Apollo's products and APIs, with a focus on reducing systemic risk rather than one-off fixes • Act as a security advisor for product teams building customer-facing features, particularly those involving authentication, authorization, and data handling • Advance Apollo’s detection and response strategy in partnership with engineering and IT leadership • Implement and maintain adherence to SOC 2 and other cloud security frameworks • Handle escalations from Sales and Customer Success • Build and tune monitoring, logging, and alerting systems to improve visibility while reducing noise • Drive automation of SecOps workflows to speed up investigation and response • Guide secure adoption of AI across Apollo - from internal use by engineers to AI-powered product features • Participate in our on-call rotation (we keep this lightweight and reasonable)

Apollo Cloud SDLC

View details: Staff Security Operations Engineer

United States

$230K - $255K / year

Apply

Cybersecurity Incident Response Analyst

ServiceNow

As the AI platform for business transformation, we're putting AI to work across organizations — freeing people for work that matters. Making old tech work with new tech. Reaching across departments, from the front office to the back office and every office in between. Our ambition? To become the AI defining enterprise software company of the 21st century (or "AI DESCO21C," as we like to call it). With more than 8,400+ customers, we serve approximately 90% of the Fortune 500®, and we're proud to be a Fortune 100 Best Companies to Work For® and World's Most Admired Companies™. Explore your future career with us, visit www.careers.servicenow.com From Fortune. ©2026 Fortune Media IP Limited. All rights reserved. Used under license.

Security Operations9 days ago

Full Time Remote Mid LevelTeam 10,001+Since 2004H1B Sponsor

Company Site LinkedIn

Role Description IMPORTANT, PLEASE READ BEFORE APPLYING - Due to Federal requirements, only US citizens, US naturalized citizens or US Permanent Residents, holding a green card, will be considered. The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact. What you get to do in this role: - Serve on the frontline of security operations, supporting both ServiceNow’s commercial customers and its federal environment. - Monitor tools and systems that defend ServiceNow’s production and corporate environments. - Define relationships between seemingly unrelated events through deductive reasoning. - Continuously find ways to do things faster, better, and more effectively while maintaining a laser focus on quality. - Work on a geographically diverse team to respond to threats against our infrastructure and track cases to closure. - Participate in an on-call rotation including weekends to ensure timely response to priority incidents. - Work weekend rotational shifts and hours (Pacific Time Zone) outside of standard business hours if necessary. Qualifications - Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. - 2+ years of related experience or equivalent combination of education and experience. - Deep understanding of Security Operations Center and Security Incident Response Team protocols and procedures. - A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols. - Experience with SIEM platforms (e.g., Splunk) for log analysis and detection tuning. - Familiarity with EDR tools for endpoint detection and response. - Exposure to SOAR platforms for workflow automation and incident orchestration. - Knowledge of cloud security concepts and experience working in cloud environments (AWS, Azure, or GCP). - The ability to analyze event and system logs, perform forensic analysis, analyze malware, and process other incident response-related data as needed. - Familiarity with intrusion detection systems. - Understanding of Windows and Linux operating systems and command-line tools. - Familiarity with scripting in any language. Requirements - Any cybersecurity or network related certifications (e.g., CCNA, CompTIA, GSEC, GCIH, CEH certifications) are a plus. - ServiceNow platform knowledge is a plus. Benefits - Base pay of $97,600 - $151,300, plus equity (when applicable), variable/incentive compensation and benefits. - Health plans, including flexible spending accounts. - 401(k) Plan with company match. - Employee Stock Purchase Plan (ESPP). - Matching donations. - Flexible time away plan and family leave programs.

View details: Cybersecurity Incident Response Analyst

United States

$97.6K - $151.3K / year

Apply

Job Closed

235more opportunities are still waiting for you.Log in now and take your next shot before someone else does.