Job OverviewRightworks is seeking a motivated Security Operations Engineer to support detection, threat hunting, and security operations across our hybrid cloud environment. This role will focus on developing and improving detection capabilities, performing structured threat hunting, and supporting incident response activities under the guidance of senior team members.
The ideal candidate will have foundational experience in cloud security and security operations, with a strong ability to analyze data, identify suspicious activity, and contribute to improving the organization's overall security posture. This role requires a detail-oriented individual who can follow structured processes, document findings clearly, and continuously develop technical skills in areas such as detection engineering, threat intelligence, and cloud security while working both independently and as part of a team.
This is a hybrid work position, with 3 days per week in our Nashua, NH headquarters.
Responsibilities - Develop and tune detection rules (WAF, EDR, SIEM alerts, etc.) based on known threat actor tactics, techniques, and procedures (TTPs)
- Perform structured threat hunting across endpoints, identity, and cloud workloads
- Conduct threat intelligence research and IOC enrichment
- Support External Attack Surface Management (EASM)
- Assist in the triage and incident response process and in correlating activity across multiple security tools (Defender, Sentinel, etc.) when required
- Contribute to detection improvement through tuning, validation, and feedback
- Document investigations, queries, and findings clearly and consistently
- Assist with security tool optimization, dashboards, and reporting
- Assist with monitoring of artificial intelligence (AI) products to ensure alignment with safety and security policies.
Requirements - 2+ years of hands-on experience implementing technical policies and controls in a hybrid cloud environment, including but not limited to Azure.
- 2+ years of experience correlating external and internal threat intelligence and enriching IoCs.
- 1+ year of experience in proactive threat hunting using advanced query languages (e.g., KQL, CQL, SPL, etc.) and automation techniques.
- 1+ year of experience performing external attack surface management (EASM) across hybrid environments.
- Demonstrated ability to conduct a hypothesis-driven threat hunt and strong knowledge of the MITRE ATT&CK framework and common threat actor TTPs.
- Cybersecurity certifications required (e.g., Microsoft AZ-500, CEH, CySA+ or equivalent).
- Strong OSINT and threat research capabilities, with experience leveraging automation and scripting for enrichment.
- Excellent analytical, documentation, and communication skills; ability to present findings to technical and non-technical audiences.
Eligibility Requirements - This role is open to US Citizens or permanent residents authorized to work in the United States. Rightworks LLC is unable to offer visa sponsorship.
- Due to specific state regulations, we are unable to accept applications from residents of California, Hawaii, or Alaska.
- Relocation will not be offered for this position.
Compensation Our Compensation range for this role ranges from $80,000 to $95,000 annually, and is determined based on factors such as relevant experience, skills, and internal equity.
BenefitsTo provide best-in-class solutions, we need a best-in-class team. We offer competitive salaries to recruit the best talent. We provide company-paid short and long-term disability insurance, life insurance and a generous 401K match. We offer highly affordable medical, dental, vision coverage, and many other valuable benefits. We offer flexible PTO, and numerous paid holidays, affording you the time to be there for what is important in your life. We encourage giving back to our communities by providing paid volunteer time off.
