Security Operations Engineer


Boston
Permanent
USD130000 - USD170000
Cybersecurity
PR/586873_1775309977

We are partnering with a leading investment management firm to hire a Security Operations Engineer who will strengthen and modernize the organization's Threat Detection & Response capabilities. This is an onsite role in either New York or Boston supporting a fast-moving security team responsible for protecting high-value data and critical business operations in a complex, cloud-driven environment.

In this position, you will help evolve the core processes and infrastructure that underpin the firm's security operations. This includes streamlining analyst workflows, improving the quality and consistency of triage and investigations, strengthening the fidelity of signals and telemetry, and expanding the use of automation and AI‑enabled tooling to support faster, more confident response actions.

Key Responsibilities

Operational Engineering & Automation

  • Design and optimize SOC workflows for intake, triage, investigation, containment, and lessons learned.
  • Develop and maintain SOAR playbooks and automation patterns.
  • Improve analyst efficiency by reducing manual toil and friction points.
  • Implement safe automation controls (approvals, break‑glass, audit logging).

AI‑Assisted SOC Capabilities

  • Build AI‑supported workflows that summarize cases, correlate signals, and prepare investigative evidence.
  • Support agentic/MCP‑style workflows to accelerate triage and response.
  • Ensure AI systems align with SOC governance and evaluation standards.

Detection Quality, Telemetry & Readiness

  • Engineer enrichment, parsing, normalization, and routing pipelines.
  • Maintain telemetry quality across EDR, identity, cloud, network, and SaaS sources.
  • Run readiness checks: regression tests, purple‑team exercises, and simulations.
  • Translate after‑action reviews into lasting improvements in workflow, automation, and SOC processes.
  • Support threat hunting with curated datasets, pivots, and hunt templates.

Qualifications

  • 5+ years of experience in security engineering, incident response, or detection engineering.
  • Strong engineering fundamentals (scripting/programming, testing discipline, and version control).
  • Understanding of SOC workflows, IR life cycles, and operational metrics (MTTR/MTTC).
  • Ability to turn operational pain points into scalable engineering solutions.
  • Strong systems thinking, cross‑team collaboration, and metrics‑driven mindset.

FAQs

Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.

Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.

We also work in several ways. We advertise our available roles on our site, but due to confidentiality we may not post all of them. We also work with clients who are more focused on skills and on understanding what is required to future-proof their business.

That's why we recommend registering your CV so you can be considered for roles that have yet to be created.

Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.
