Security Operations Engineer II

Investigate and remediate security incidents while building detections and automation to prevent recurrence.

• •The Security Operations Engineer II investigates, contains, and remediates security incidents, and builds durable detections and automation to prevent recurrence.
• •Key Responsibilities Own incidents end-to-end across SIEM, EDR, network, identity, and cloud telemetry.
• •Perform root cause analysis and implement detections, controls, and playbook updates.
• •Conduct proactive threat hunting across enterprise and cloud telemetry.
• •Develop and exercise incident response playbooks and runbooks.
• •Manage and tune detection/response tooling and automate routine SecOps tasks.
• •Requirements 3+ years in Security Operations (SOC, IR, detection, or threat hunting).
• •Knowledge of incident response frameworks and MITRE ATT&CK.
• •Experience with SIEM (Sentinel, Splunk, Chronicle, Elastic) and EDR (CrowdStrike, Defender XDR, SentinelOne).
• •Scripting ability (Python, PowerShell, Bash) and KQL/query authoring.