Job Description
Key Responsibilities :
SOC Platform & Engineering Leadership :
– Lead engineering strategy, architecture, and lifecycle management of all SOC technologies.
– Oversee design and implementation of scalable logging, monitoring, and response platforms.
– Ensure platforms meet performance, resilience, availability, and operational readiness requirements.
– Drive long-term engineering roadmaps aligned to enterprise security strategy.
Detection Engineering & Threat Analytics :
– Design and implement detection logic using attacker technique frameworks (e.g., MITRE ATT&CK).
– Develop behavioral, anomaly-based, and signature-based detections across identity, endpoint, email, cloud, and network domains.
– Perform detection tuning, baselining, and enrichment improvements to enhance fidelity.
– Lead threat analysis and build threat-informed use cases to strengthen coverage.
Telemetry, Data Engineering & Integration :
– Lead onboarding and engineering of telemetry sources across cloud, identity, endpoint, network, OT, and SaaS environments.
– Ensure data quality, schema consistency, normalization, and reliability in all pipelines.
– Apply engineering practices to improve log health, reduce noise, and enhance correlation capabilities.
Cross-Functional Collaboration :
– Work closely with SOC Operations to address detection gaps and engineering dependencies.
– Partner with Cloud, Identity, Network, and Architecture teams to enhance telemetry and controls.
– Engage with vendors and partners to support platform enhancements and roadmap alignment.
– Provide engineering insights to leadership during incident reviews and strategic discussions.
People Leadership & Capability Development :
– Lead, mentor, and grow SOC engineers, detection engineers, and automation specialists.
– Build structured development pathways focused on advanced engineering skills.
– Promote a culture of innovation, accountability, and technical excellence.
– Create succession plans and capability uplift programs for the team.
1. Detection Engineering :
– Strong hands-on experience building detections using :
  – Query-based analytics languages (e.g., KQL-like, SQL-like, pattern-matching engines)
  – Behavior-based and anomaly-based detection techniques
  – Threat modeling and MITRE ATT&CK mapping
  – Signal correlation, enrichment, and contextual analytics
– Ability to design detections for :
  – Endpoint behavioral anomalies
  – Identity misuse and lateral movement
  – Email threats (phishing, BEC, malware)
  – SaaS and cloud application misuse
  – Data exfiltration and DLP bypass patterns
2. Automation & Orchestration :
– Hands-on expertise with workflow automation technologies (SOAR-type systems).
– Ability to build automated remediation and containment actions.
– Experience with :
  – API integrations
  – JSON/YAML transformations
  – Event-driven triggers
  – Automated enrichment logic
– Ability to automate response actions across endpoints, identity systems, cloud environments, and collaboration platforms.
3. Telemetry & Data Engineering :
– Proficiency in engineering log pipelines across multiple domains : Identity, Cloud, Endpoint, Email, Network, Application/SaaS
– Experience with schema design, parsing, normalization, and taxonomy alignment.
– Ability to perform telemetry quality assessments and implement improvements.
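Worked example, added here and not part of the posting, of what the detection requirements (query-based analytics, signal correlation, identity misuse) and the telemetry requirements above (parsing, normalization, schema consistency) look like together in code: two constructed identity sources with different raw field names are normalized to one schema, enriched with an internal/external flag, and fed to a single brute-force-then-success detection mapped to ATT&CK T1110 (Brute Force) and T1078 (Valid Accounts). The events, the raw field names, and the threshold and window values are assumptions made for the example, not a specific vendor's format or a tuned production rule.

```python
"""Added example (not part of the job posting): normalize two differently shaped
identity log sources into one schema, enrich them, and run a brute-force-then-
success detection over the merged stream (MITRE ATT&CK T1110 and T1078).
All events and raw field names below are constructed for this example."""
from collections import defaultdict
from datetime import datetime, timedelta, timezone
import ipaddress

# Constructed raw events. Source 1: Windows-style logon events (4624 success, 4625 failure).
WINDOWS_EVENTS = [
    {"TimeCreated": "2024-05-01T08:00:05Z", "EventID": 4625, "TargetUserName": "Alice", "IpAddress": "203.0.113.7"},
    {"TimeCreated": "2024-05-01T08:00:09Z", "EventID": 4625, "TargetUserName": "Alice", "IpAddress": "203.0.113.7"},
    {"TimeCreated": "2024-05-01T08:00:14Z", "EventID": 4625, "TargetUserName": "Alice", "IpAddress": "203.0.113.7"},
    {"TimeCreated": "2024-05-01T08:00:20Z", "EventID": 4625, "TargetUserName": "Alice", "IpAddress": "203.0.113.7"},
    {"TimeCreated": "2024-05-01T08:00:31Z", "EventID": 4624, "TargetUserName": "Alice", "IpAddress": "203.0.113.7"},
    {"TimeCreated": "2024-05-01T09:10:00Z", "EventID": 4625, "TargetUserName": "bob", "IpAddress": "10.1.2.3"},
    {"TimeCreated": "2024-05-01T09:10:30Z", "EventID": 4624, "TargetUserName": "bob", "IpAddress": "10.1.2.3"},
]
# Source 2: cloud IdP-style sign-in events (field names are assumed, not a real vendor schema).
IDP_EVENTS = [
    {"ts": "2024-05-01T08:00:12Z", "actor": "alice", "client_ip": "203.0.113.7", "outcome": "FAILURE"},
    {"ts": "2024-05-01T08:00:17Z", "actor": "alice", "client_ip": "203.0.113.7", "outcome": "FAILURE"},
    {"ts": "2024-05-01T11:00:00Z", "actor": "carol", "client_ip": "198.51.100.9", "outcome": "SUCCESS"},
]

# RFC 1918 space counts as internal; everything else is treated as external for enrichment.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_ts(value):
    """Parse the ISO-8601 UTC timestamp both sources emit into an aware datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def normalize_windows(ev):
    """Map a Windows-style logon event onto the common schema (ts, user, src_ip, outcome, source)."""
    return {
        "ts": parse_ts(ev["TimeCreated"]),
        "user": ev["TargetUserName"].lower(),  # case-fold so "Alice" and "alice" correlate
        "src_ip": ev["IpAddress"],
        "outcome": "success" if ev["EventID"] == 4624 else "failure",
        "source": "windows",
    }


def normalize_idp(ev):
    """Map a cloud IdP-style sign-in event onto the same common schema."""
    return {
        "ts": parse_ts(ev["ts"]),
        "user": ev["actor"].lower(),
        "src_ip": ev["client_ip"],
        "outcome": "success" if ev["outcome"] == "SUCCESS" else "failure",
        "source": "idp",
    }


def enrich(ev):
    """Add context the detection and the analyst both want: is the source address outside RFC 1918 space?"""
    addr = ipaddress.ip_address(ev["src_ip"])
    ev["src_is_external"] = not any(addr in net for net in INTERNAL_NETS)
    return ev


def detect_bruteforce_success(events, threshold=5, window=timedelta(minutes=10)):
    """Alert when a (user, src_ip) pair accumulates >= threshold failures within
    `window` and then logs on successfully from that same pair. Runs over the
    merged, time-ordered stream, so failures seen by either source count together."""
    failures = defaultdict(list)  # (user, src_ip) -> timestamps of failures not yet closed by a success
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["user"], ev["src_ip"])
        if ev["outcome"] == "failure":
            failures[key].append(ev["ts"])
            continue
        recent = [t for t in failures[key] if ev["ts"] - t <= window]
        if len(recent) >= threshold:
            alerts.append({
                "user": ev["user"],
                "src_ip": ev["src_ip"],
                "src_is_external": ev["src_is_external"],
                "failure_count": len(recent),
                "success_at": ev["ts"].isoformat(),
                "attack_techniques": ["T1110", "T1078"],
            })
        failures[key].clear()  # a success closes the current attempt window either way
    return alerts


def run_detection():
    """Normalize and enrich both constructed sources, then run the detection over their union."""
    events = [enrich(normalize_windows(e)) for e in WINDOWS_EVENTS]
    events += [enrich(normalize_idp(e)) for e in IDP_EVENTS]
    return detect_bruteforce_success(events)


if __name__ == "__main__":
    for alert in run_detection():
        print(alert)
```

The point of running the rule over the normalized union rather than per source is visible in the constructed data: the Windows source alone records only four failures for alice, below the threshold of five, so a per-source rule stays silent; combined with the two IdP failures from the same address the same rule fires, with the external-source flag already attached for the analyst.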
4. Scripting & Engineering Skills :
– Hands-on skills in :
  – PowerShell or Bash
  – Python (light to intermediate scripting)
  – Regular expressions
  – Git-based version control
– Experience building engineering automations, utilities, or integration scripts.
5. Security & Threat Expertise :
– Deep understanding of :
  – Attack lifecycles
  – Threat actor techniques
  – Identity compromise patterns
  – Endpoint exploitation behaviors
  – Cloud attack vectors
– Experience conducting threat-informed engineering improvements.
6. Architecture & Troubleshooting :
– Strong ability to analyze, architect, and optimize large security data platforms.
– Troubleshooting experience across distributed systems, log ingestion, automation failures, and detection pipelines.
Required Qualifications :
– Bachelor's degree in Cybersecurity, Engineering, Computer Science, or a related field.
– 8 to 12+ years of cybersecurity experience with significant time in SOC engineering or detection engineering.
– Demonstrated expertise leading technical engineering teams in enterprise environments.
– Strong communication skills and ability to translate technical concepts to leadership.
Preferred Qualifications :
– Professional certifications in security operations, cloud security, or architecture.
– Experience in global, hybrid cloud, or 24/7 operations environments.
– Proven ability to build high-performing engineering teams.