Senior Security Operations Engineer at Field Nation; leading security operations and incident response to enhance cybersecurity posture.
About the role
- Security Incident Response Orchestration Lead at Bank of America defining automation for security incident workflows with a focus on Splunk SOAR and Tines. Collaborating with security operations and engineering teams to implement scalable solutions.
Responsibilities
- Serve as senior technical authority for security orchestration across Splunk SOAR and Tines
- Define architectural standards, reusable automation patterns, and orchestration best practices
- Scope and evaluate incoming automation requests in partnership with the Product Manager to support prioritization decisions
- Coordinate with the Product Owner to ensure clearly defined requirements and acceptance criteria are maintained in the backlog
- Collect and define value metrics at intake including MTTR reduction, analyst time savings, and incident quality improvements
- Partner with over 15 security operations teams to identify and design high-impact automation opportunities
- Coordinate with SOAR feature leads to ensure shared understanding of scope, intent, and accurate execution
- Collaborate with senior and principal-level engineers to design strategic, cross-platform orchestration solutions
- Design, implement, and guide integrations across common SOAR ecosystems, including but not limited to: Microsoft Graph / Entra ID / M365 Defender, CrowdStrike Falcon, Tanium, BloodHound, Anvilogic, ThreatQ, ServiceNow (Incidents, SecOps, CMDB, IR workflows)
- Serve as escalation point for complex orchestration design, execution, and automation failures
Requirements
- 8+ years’ experience in Security Operations, Incident Response, Detection Engineering, or Security Automation
- 4+ years hands-on experience with Splunk SOAR (Phantom) and Tines in enterprise environments
- Deep understanding of incident response workflows and SOC operating models
- Strong experience integrating SOAR platforms with common security and enterprise systems (e.g., MS Graph, CrowdStrike, Tanium, ServiceNow)
- Experience designing automation with emphasis on control, reliability, auditability, and operational safety
- Proven ability to translate ambiguous operational needs into clear, actionable technical designs
- Experience working across a broad set of cybersecurity vendor products and APIs
Benefits
- Discretionary incentive eligible
- Annual discretionary award based on individual performance
- Industry-leading benefits
- Paid time off
- Resources and support for employees
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
SOC Analyst II providing tier II cybersecurity support in a Security Operations Center environment. Conducting vulnerability assessments and analyzing cyber threats while training junior staff members.
Security Operations Analyst responsible for monitoring and responding to cybersecurity threats. Ensuring the confidentiality, integrity, and availability of data per compliance standards.
SOC Analyst responsible for cybersecurity incident management at Algosystems in Greece. Monitoring security threats, conducting investigations, and improving SOC services.
Cyber Operations Lead ensuring coordination of cyber operations between the Security Operations Center and internal business units. Enhancing security through effective incident response and threat management initiatives.
Solution Sales Manager enhancing revenue in financial services, focusing on ServiceNow IRM and Tanium solutions. Collaborating with teams and engaging C - level executives in Austria and Switzerland.
Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L3 managing and analyzing security events and incidents for Var Group. Responsible for incident management and proactive threat analysis.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.