Senior Security Operations Engineer

LOCATION

Mountain America Center - Hybrid:

9800 S Monroe St
Sandy, UT 84070

SCHEDULE

Full Time

This role is not a security architecture or platform‑engineering role. It focuses on hands‑on security operations, investigation, and operating established controls rather than designing or building them.

As a Security Operations Engineer, you are a key contributor to the day‑to‑day defense and reliability of our cybersecurity program. This is a hands‑on security operations role focused on monitoring, investigation, vulnerability execution, and consistent operation of established security controls.

You’ll work within defined frameworks and procedures while collaborating closely with Cybersecurity Engineering, Architecture, and Incident Response. This role is ideal for engineers who enjoy operational security work, real‑world investigations, and steadily improving how security is executed every day.

What You’ll Do

To be successful in this role, you will:

• Monitor, triage, and investigate security alerts across endpoint, network, cloud, and SaaS environments to support timely detection and response.
• Participate in on‑call and escalation rotations to ensure continuous operational security coverage.
• Execute day‑to‑day vulnerability management activities, including scanning, validation, risk analysis, and remediation tracking.
• Help tune detections and operational policies to improve signal quality, reduce false positives, and increase efficiency within existing security tooling.
• Support the operational implementation and monitoring of data classification, data loss prevention (DLP), and data protection controls.
• Investigate and respond to data protection alerts and events, escalating as appropriate.
• Develop and maintain security operations documentation, including runbooks, procedures, and standards that enable consistent execution.
• Participate in change management processes, reviewing proposed changes to security controls for operational impact and adherence to standards.
• Collaborate with Cybersecurity Engineering, Architecture, and Incident Response by providing operational feedback on tooling effectiveness, detections, and control performance.
• Support audits, assessments, and regulatory activities by producing operational evidence and providing technical input.
• Stay current on emerging threats, vulnerabilities, and industry best practices, applying relevant insights to daily security operations.

Knowledge, Skills & Abilities

The qualifications below represent the knowledge, skills, and abilities required to perform the role effectively.

Experience

• 3+ years of progressive experience in cybersecurity operations or a closely related technical security role.
• Hands‑on experience supporting vulnerability management programs.
• Experience working with endpoint security platforms (AV, EDR, XDR).
• Foundational knowledge of data classification, DLP, and data protection concepts.
• Strong analytical and troubleshooting skills, with the ability to evaluate risk and prioritize response actions.
• Ability to produce clear, accurate operational documentation to support incidents, audits, and internal processes.
• Ability to work independently with minimal supervision while collaborating effectively across teams.
• Strong organizational and time‑management skills in a fast‑paced operational environment.
• Adaptable, curious, and motivated to continuously learn and grow technical security skills.

Education & Experience

• Bachelor’s degree in Information Security, Computer Science, or equivalent practical experience.

Certifications (Preferred)

• Security+, CySA+, Security X, GCIH, GCED, GCIA, CISSP, or equivalent certifications.

Role Expectations & Growth

• This is an individual contributor role focused on operational execution and technical development.
• Success in this role comes from reliable execution, sound judgment, and continuous improvement, with opportunities to grow deeper expertise in investigations, detection tuning, and vulnerability operations.