| Division: | Headquarters |
| Project Location(s): | New York, NY 10001 USA |
| Minimum Years Experience: | 5-7 |
| Travel Involved: | 0-10% |
| Job Type: | Regular |
| Job Classification: | Experienced |
| Education: | Bachelors Degree |
| Job Family: | Information Services |
| Compensation: | Salaried Exempt |
Position Description: The Security Operations Senior Engineer role focuses on the architecture, integration, and continuous improvement of security tools, correlation rules, and automation workflows to ensure the SOC can identify and respond to threats effectively. Serve as a senior technical lead within the Security Operations Center (SOC), responsible for engineering and optimizing the detection, monitoring, and response capabilities that protect enterprise systems. You will partner with analysts, infrastructure teams, and other security engineering functions to deliver resilient and scalable operational security solutions.
Essential Duties & Key Responsibilities:
- Design, implement, and maintain SIEM, EDR, and cloud-native monitoring solutions for enterprise and hybrid environments.
- Engineer detection rules, correlation logic, and automation workflows to identify threats with high fidelity and minimal false positives.
- Integrate security tools with ticketing, orchestration, and reporting platforms to support efficient SOC operations.
- Partner with SOC analysts to understand investigation workflows and develop supporting detection and response capabilities.
- Lead technical efforts in the containment, eradication, and recovery phases of major incidents.
- Develop playbooks and scripts to automate common triage and containment actions.
- Evaluate and implement security tool enhancements, tuning strategies, and technology upgrades.
- Conduct root cause analysis of security incidents and recommend long-term preventive controls.
- Collaborate with infrastructure, application, and cloud teams to embed security monitoring and logging requirements into system designs.
- Maintain awareness of evolving attack techniques and translate them into actionable detection logic using frameworks such as MITRE ATT&CK.
- Provide technical guidance during threat hunting exercises and proactive security assessments.
- Mentor junior engineers and analysts on detection engineering and SOC tool best practices.
- Contribute to documentation, architecture diagrams, and configuration baselines for all SOC technologies.
- Present and lead the implementation of new tools, skills and capabilities to improve SOC operations.
- Other activities, duties, and responsibilities as assigned.
Qualifications:
- Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related technical field; or equivalent combination of education, training, and experience.
- Minimum of 5-7 years of experience in security engineering, detection engineering, or SOC operations with a technical focus.
- Strong hands-on experience with SIEM platforms, EDR solutions, and cloud monitoring technologies.
- Familiarity with Microsoft security solutions, including Defender, Sentinel, and Intune, is preferred, but the role remains tool-agnostic.
- Proficiency in writing and tuning detection rules, automation workflows, and custom scripts.
- Strong understanding of logging, event correlation, and security architecture principles.
- Experience applying MITRE ATT&CK framework to detection engineering and incident response.
- Certifications such as SC-200, GCDA, GCIH, CISSP, or similar preferred.
- Excellent communication and collaboration skills with both technical and non-technical stakeholders.
- Demonstrated ability to lead technical incident response efforts under pressure.
- Limited travel
Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to sit, use hands to finger, handle, or feel objects, tools, or controls; and reach with hands, talk, and hear. The employee frequently views a computer monitor and frequently uses a computer keyboard. Specific vision abilities required by this job include close vision, peripheral vision, depth perception, and the ability to adjust focus. The employee is occasionally required to be mobile, and the employee occasionally travels both short and long distances via a variety of conveyances. The employee occasionally performs work on-site at construction work sites, office locations, and/or off-site venues. The employee must regularly lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds.
Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee regularly works in an office or remotely. The noise in the work environment is usually quiet to moderate in an office setting. The employee is required to work in compliance with company safety policies, procedures, and applicable laws.
The annual salary range for this position is $136,000 - $212,000.
Turner is an Equal Opportunity Employer - race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or other characteristics protected by applicable law.