Security Operations Engineer
VanEck · New York, NY · 2 wk ago
HybridInformation Technology$150k–$180k/yrFull-time
Key Responsibilities
- Perform daily monitoring, triage, and investigation of security alerts within Security Operations tools, including Microsoft Defender, Sentinel, and Proofpoint.
- Validate, escalate, and document incidents in coordination with internal teams and the third-party SOC.
- Implement and tune ASR rules and endpoint protection policies across managed devices.
- Collaborate with IT Operations to detect, contain, remediate, and recover from cyber events.
- Maintain and refine Sentinel analytic rules, automation workflows, and dashboards.
- Contribute to the development of incident response runbooks, metrics, and post-incident reviews.
- Support cyber event analyses and investigations, alert validation, and data loss prevention signals.
- Aid in testing and deploying new endpoint and detection technologies.
- Participate in continuous improvement of detection logic, automation, and operational playbooks.
Required Qualifications
- 5 + years of hands-on experience in Security Operations, SOC engineering, or incident response.
- Demonstrated proficiency with Microsoft Defender XDR, Microsoft Sentinel, and ASR rules.
- Experience managing or integrating with SOC providers or MSPs.
- Strong understanding of endpoint security, event correlation, and log analysis.
- Familiarity with KQL (Kusto Query Language) and security automation tools (Logic Apps, PowerShell, or equivalent).
- Ability to independently investigate, document, and communicate security events.
- Excellent written and verbal communication skills with a focus on clarity and accountability.
Preferred Qualifications
- Experience with insider-threat monitoring platforms.
- Background in Windows endpoint hardening and configuration management.
- Understanding of cloud and hybrid Azure security architecture.
- Industry certifications such as SC-200, AZ-500, CompTIA CySA+, or GCIA.
Key Competencies
- An analytical mindset and strong troubleshooting ability.
- A proactive approach to threat detection and control improvement.
- A high sense of ownership and accountability for operational outcomes.
- A collaborative and communicative attitude—comfortable coordinating across multiple technical teams.
- An adaptable and capable of balancing multiple priorities in a fast-moving environment.
Language Skills
- Ability to effectively present information in one-on-one and small group situations to technical and non-technical audience.