Security Operations Engineer

Tokio Marine HCC

$90K — $120K *
US-Anywhere
Remote in United States
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, or related field.
  • Over 3 years of experience in security operations or incident response.
  • Understanding of Microsoft 365, Google Workspace, and endpoint security technologies.
  • Familiarity with NIST CSF and common compliance frameworks.
  • Professional proficiency in Spanish for communication with Spanish-speaking customers.

Responsibilities

  • Investigate and respond to MDR alerts requiring customer follow-up.
  • Support incident validation, scoping, and remediation activities.
  • Conduct log analysis and security investigations for threat identification.
  • Assist customers with containment and recovery post-incident.
  • Support deployment and maintenance of Sophos MDR platforms.
  • Collaborate with Technical Account Managers on customer engagements.
  • Conduct Cyber Hygiene assessments and compliance reviews.

Benefits

  • Remote work flexibility, with a preference for DFW candidates.
  • Full-time employment with a focus on career development.
  • Opportunity to work in a collaborative team environment.
  • Access to various cybersecurity training and professional development opportunities.
Full Job Description
Job Title: Security Operations Engineer
Location: Remote, USA (DFW based candidates preferred)
Reports to: Managing Director
Employment Type: Full time
Job Req ID: 2026
Req Begin Date: 7/1/2026

Job Summary

The Security Operations Engineer provides technical and operational support for Vector3's MDR customers. This role assists with incident follow-up, technical troubleshooting, remediation validation, compliance reviews, platform administration, and operational security initiatives.

The Security Operations Engineer serves as the technical backbone of the MDR team, allowing TAMs to focus on customer engagement, Cyber Hygiene strategy, and business growth while ensuring customers receive timely technical support and operational security guidance.

Key Responsibilities

Relying on advanced knowledge and strong leadership skills, this role is accountable for the following responsibilities:

Incident Investigation & Response Support
  • Review and investigate MDR alerts requiring customer follow-up.
  • Support incident validation, scoping, and remediation activities.
  • Conduct log analysis and security investigations.
  • Assist customers with containment and recovery validation.
  • Document investigative findings and recommendations.


Technical Operations & Platform Support
  • Support deployment and administration of Sophos MDR technologies.
  • Assist with endpoint onboarding, integrations, and configuration activities.
  • Troubleshoot technical issues involving MDR platforms.
  • Validate policy configurations and security controls.
  • Maintain technical documentation and operational runbooks.


Compliance & Security Advisory Support
  • Support Cyber Hygiene assessments and compliance reviews.
  • Assist with security maturity evaluations.
  • Review customer environments for security improvement opportunities.
  • Provide technical recommendations aligned to security best practices.


Collaboration & Cross-Functional Alignment
  • Work closely with TAMs on customer engagements.
  • Coordinate with Sophos MDR teams during investigations.
  • Support DFIR personnel during escalated incidents.
  • Participate in service improvement initiatives.


Competencies

Planning
  • Prioritize security investigations, technical support requests, and operational activities to meet customer service expectations.
  • Coordinate investigative activities and remediation efforts across multiple customer environments.

Communication
  • Clearly communicate technical findings, investigation results, and remediation recommendations to customers and internal stakeholders.
  • Prepare technical reports, investigation summaries, and operational documentation.
  • Translate complex cybersecurity concepts into actionable guidance for technical and non-technical audiences.

Technical Analysis
  • Analyze security events, endpoint telemetry, cloud audit logs, network traffic, and security platform data to identify threats and support customer investigations.
  • Apply analytical thinking to validate alerts, identify root causes, and recommend appropriate remediation actions.
  • Maintain awareness of emerging threats, attack techniques, and evolving cybersecurity best practices.

Business Controls and Policies
  • Comply with all corporate security policies, customer confidentiality requirements, and applicable regulatory obligations.
  • Follow established investigation procedures, documentation standards, and operational workflows.
  • Contribute to the development and continuous improvement of operational processes and technical playbooks.

Collaboration
  • Partner with Technical Account Managers to deliver exceptional customer service and security outcomes.
  • Coordinate with Sophos MDR personnel, internal engineering teams, and DFIR consultants during customer investigations and escalations.
  • Support knowledge sharing and continuous improvement across the Managed Services organization.


Education

Minimum 4-year Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related degree.

Certifications, Licenses, and Designations

Security+, CySA+, SC-200, Sophos Engineer, or similar certifications preferred.

Experience

3+ years in security operations, cybersecurity engineering, SOC operations, incident response, or IT security.

Other
  • Knowledge of Microsoft 365, Google Workspace, endpoint security, network security technologies, log analysis, and security investigation methodologies.
  • Strong troubleshooting and analytical skills.
  • Experience supporting MSSP, MDR, or SOC environments.
  • Familiarity with NIST CSF, CIS Controls, and common compliance frameworks.
  • Experience supporting Microsoft Defender, Sophos, CrowdStrike, SentinelOne, or similar platforms.
  • Professional proficiency in Spanish (written and verbal) with the ability to communicate technical and security concepts to Spanish-speaking customers.
  • Strong analytical and investigative mindset.
  • Excellent technical troubleshooting skills.
  • Ability to effectively communicate technical and security concepts to both technical and non-technical audiences in English; Spanish language proficiency is a plus.
  • Detail-oriented and process-driven.
  • Collaborative team player.
