Job Title: Security Operations EngineerLocation: Remote, USA (DFW based candidates preferred)Reports to: Managing DirectorEmployment Type: Full time
Job Req ID: 2026
Req Begin Date: 7/1/2026
Job SummaryThe Security Operations Engineer provides technical and operational support for Vector3's MDR customers. This role assists with incident follow-up, technical troubleshooting, remediation validation, compliance reviews, platform administration, and operational security initiatives.
The Security Operations Engineer serves as the technical backbone of the MDR team, allowing TAMs to focus on customer engagement, Cyber Hygiene strategy, and business growth while ensuring customers receive timely technical support and operational security guidance.
Key ResponsibilitiesRelying on advanced knowledge and strong leadership skills, this role is accountable for the following responsibilities:
Incident Investigation & Response Support- Review and investigate MDR alerts requiring customer follow-up.
- Support incident validation, scoping, and remediation activities.
- Conduct log analysis and security investigations.
- Assist customers with containment and recovery validation.
- Document investigative findings and recommendations.
Technical Operations & Platform Support- Support deployment and administration of Sophos MDR technologies.
- Assist with endpoint onboarding, integrations, and configuration activities.
- Troubleshoot technical issues involving MDR platforms.
- Validate policy configurations and security controls.
- Maintain technical documentation and operational runbooks.
Compliance & Security Advisory Support- Support Cyber Hygiene assessments and compliance reviews.
- Assist with security maturity evaluations.
- Review customer environments for security improvement opportunities.
- Provide technical recommendations aligned to security best practices.
Collaboration & Cross-Functional Alignment- Work closely with TAMs on customer engagements.
- Coordinate with Sophos MDR teams during investigations.
- Support DFIR personnel during escalated incidents.
- Participate in service improvement initiatives.
CompetenciesPlanning- Prioritize security investigations, technical support requests, and operational activities to meet customer service expectations.
- Coordinate investigative activities and remediation efforts across multiple customer environments.
Communication- Clearly communicate technical findings, investigation results, and remediation recommendations to customers and internal stakeholders.
- Prepare technical reports, investigation summaries, and operational documentation.
- Translate complex cybersecurity concepts into actionable guidance for technical and non-technical audiences.
Technical Analysis- Analyze security events, endpoint telemetry, cloud audit logs, network traffic, and security platform data to identify threats and support customer investigations.
- Apply analytical thinking to validate alerts, identify root causes, and recommend appropriate remediation actions.
- Maintain awareness of emerging threats, attack techniques, and evolving cybersecurity best practices.
Business Controls and Policies- Comply with all corporate security policies, customer confidentiality requirements, and applicable regulatory obligations.
- Follow established investigation procedures, documentation standards, and operational workflows.
- Contribute to the development and continuous improvement of operational processes and technical playbooks.
Collaboration- Partner with Technical Account Managers to deliver exceptional customer service and security outcomes.
- Coordinate with Sophos MDR personnel, internal engineering teams, and DFIR consultants during customer investigations and escalations.
- Support knowledge sharing and continuous improvement across the Managed Services organization.
EducationMinimum 4 Year Bachelors Degree in Cyber security, Computer Science, information Technology related degree.
Certifications, Licenses, and DesignationsPreferred Security+, CySA+, SC-200, Sophos Engineer, or similar certifications a plus.
Experience3+ years in security operations, cybersecurity engineering, SOC operations, incident response, or IT security.
Other- Knowledge of Microsoft 365, Google Workspace, endpoint security, network security technologies, log analysis, and security investigation methodologies.
- Strong troubleshooting and analytical skills.
- Experience supporting MSSP, MDR, or SOC environments.
- Familiarity with NIST CSF, CIS Controls, and common compliance frameworks.
- Experience supporting Microsoft Defender, Sophos, CrowdStrike, SentinelOne, or similar platforms.
- Professional proficiency in Spanish (written and verbal) with the ability to communicate technical and security concepts to Spanish-speaking customers.
- Strong analytical and investigative mindset.
- Excellent technical troubleshooting skills.
- Ability to effectively communicate technical and security concepts to both technical and non-technical audiences in English; Spanish language proficiency is a plus.
- Detail-oriented and process-driven.
- Collaborative team player.