Overview

The IT Security Team is looking for a seasoned professional to support a passionate, innovative, and results driven team. The Senior Security Operations Center (SOC) Cloud Engineer is responsible for monitoring, detecting, and responding to threats in AWS and Azure environments. This role focuses on integrating cloud logs into the SIEM, developing threat detections, and supporting incident response. The ideal candidate has strong technical expertise in cloud security and works closely with SOC analysts to enhance visibility and response across cloud workloads.

This role can be remote anywhere in the country. The salary range for this role is $165,000 to $175,000, plus an annual bonus. However Lakeview considers several factors when extending an offer, including but not limited to, the roles and associated responsibilities, a candidate's work experience, education/training, location and key skills.

Responsibilities

• Collect, monitor, and analyze log sources from AWS and Azure, including CloudTrail, GuardDuty, Security Hub, Azure Activity Logs, Defender for Cloud, and other relevant telemetry sources.
• Ensure AWS and Azure log sources are properly ingested into the SIEM (e.g., Splunk) and normalized for effective detection, alerting, and investigation.
• Design and implement cloud threat detections for activities such as unauthorized access, privilege escalation, lateral movement, and data exfiltration in cloud environments.
• Collaborate with SOC analysts to triage and respond to security alerts and incidents related to AWS and Azure platforms.
• Proactively hunt for threats in AWS and Azure environments using SIEM, native cloud tools, and EDR platforms.
• Develop, document, and automate cloud incident response procedures using SOAR platforms such as Splunk SOAR.
• Work with infrastructure and DevOps teams to improve visibility and security posture across AWS and Azure.
• Stay up to date on new and evolving threats and vulnerabilities targeting cloud platforms and recommend appropriate mitigations.
• Mentor and support junior analysts on cloud detection and response techniques.

Qualifications

• 8+ years of related experience in IT and Cyber Security.
• 3+ years of direct experience securing AWS and Azure cloud environments.
• 5+ years of experience working in an operational security environment (e.g., SOC, NOC).
• Bachelor's degree in Cybersecurity, Computer Science, or related field preferred.
• One or more of the following certifications preferred: AWS Certified Security - Specialty, Azure Security Engineer Associate, GCIH, GCIA, GCFA.
• Experience using SIEM platforms (preferably Splunk) for log ingestion, correlation, and threat detection in cloud environments.
• Strong knowledge of AWS and Azure security services such as GuardDuty, Security Hub, IAM, VPC Flow Logs, Azure Activity Logs, Defender for Cloud, and Sentinel.
• Familiarity with cloud IAM, network configurations, encryption, and resource monitoring in AWS and Azure.
• Hands-on experience with endpoint protection platforms, IDS/IPS, and firewalls in hybrid and cloud networks.
• Scripting skills (e.g., Python, PowerShell, Bash) for automating detections, investigations, or response actions.
• Deep understanding of network protocols such as TCP/IP, HTTP/S, and DNS as they relate to cloud services.
• Detail-oriented with strong analytical skills and the ability to troubleshoot complex security issues.
• Experience with cloud forensic techniques and incident response is a strong plus.
• Exposure to container security, Infrastructure-as-Code (IaC), and CI/CD security best practices in cloud environments is a plus.

Knowledge and Skills Required:

• Strong problem-solving and analytical skills with attention to detail.
• Ability to work independently and collaboratively in a fast-paced environment.
• Self-starter with strong interpersonal, written and verbal communication skills and the ability to interact with technical and non-technical stakeholders.

Certifications

• Splunk Enterprise Certified Admin, Splunk Enterprise Certified Architect OR Splunk Cloud Certified Admin, Splunk SOAR Certified Automation Developer preferred

Location & Compensation

• The hourly rate for this role is $165-175K depending on the individual's experience
• Role can be 100% fully remote depending on geographic location

Physical Demands and Work Environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit and use hands to handle, touch or feel objects, tools, or controls. The employee frequently is required to talk and hear. The noise level in the work environment is usually moderate. The employee is occasionally required to stand; walk; reach with hands and arms. The employee is rarely required to stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, color vision, and the ability to adjust focus.