• Location: Miami, Florida
• Type: Direct Hire
• Job #5677
• Salary: $125,000

NextPath Workforce Solutions is currently seeking a Security Engineer to join our client’s team. This is a Remote, Direct Hire position.

SALARY: $125,000 – $155,000 (depending on experience)

Unfortunately, at this time our client is unable to sponsor or transfer visas. Only candidates authorized to work in the US without sponsorship should apply.

REQUIREMENTS:

• 3–5 years of experience in SOC operations, security operations, production support, security engineering, or a similar hands-on cybersecurity role
• Experience with Microsoft security tools such as Microsoft Defender, Microsoft Sentinel, Microsoft Entra ID, Microsoft 365 security, or Azure security services
• Ability to investigate alerts using SIEM/EDR data, KQL, logs, endpoint telemetry, identity logs, and cloud signals
• Experience with incident triage and investigations involving phishing, malware, suspicious sign-ins, endpoint events, and escalation workflows
• Basic understanding of cloud security and identity security (MFA/SSO, conditional access), endpoint protection, and vulnerability/cloud exposure management
• Ability to write clear documentation, incident notes, runbooks, ticket updates, and executive-ready summaries
• Comfortable working in a small team where priorities change and you may support operations, engineering, documentation, and coordination
• Strong communication skills and ability to collaborate across Slack, Jira, Teams, security tools, managed SOC providers, engineers, and business stakeholders

RESPONSIBILITIES:
• Monitor and triage alerts across Microsoft Defender, Sentinel, Huntress/MDR, Wiz, Datadog, Jira, and Slack
• Validate alert severity, business impact, affected assets, containment status, and escalation requirements
• Coordinate security events from initial triage through containment, documentation, closure, and post-incident follow-up
• Review daily dashboards, security ticket queues, alert quality, and support operational reporting
• Develop, tune, and maintain detection logic in Huntress, Defender, KQL, and related tools
• Reduce false positives and alert noise by reviewing recurring detections, suppression logic, enrichment opportunities, and escalation criteria
• Build and improve alert runbooks, investigation workflows, and playbooks for common security scenarios (phishing, malware, suspicious sign-ins, cloud exposure, endpoint events, account compromise)
• Assist with SOAR/automation efforts using Logic Apps, playbooks, webhooks, or other workflow tools
• Support incident response across endpoint, identity, cloud, email, and suspicious activity events
• Coordinate containment actions such as endpoint isolation, identity reset, access revocation, escalation to Tier 2/Tier 3 SOC, and remediation follow-up
• Maintain incident timelines, evidence, RCA notes, and closure documentation
• Ensure P1/P2 incidents have clear communication, structured Slack threads, linked Jira tickets, and documented executive summaries when needed
• Support security operations across Microsoft Defender, Microsoft Entra ID, Microsoft 365, Azure, endpoint protection, and cloud risk tools

NEXTPATH WORKFORCE SOLUTIONS:

NextPath is a strategic talent partner connecting skilled professionals with organizations driving innovation and growth. Our recruiting team brings more than 80 years of combined experience delivering workforce solutions that align the right talent with the right opportunities. We work with leading companies across the country, offering flexible engagement models including contract, project-based, contract-to-hire, and direct hire roles.

If the position above doesn’t appear to fit, we do have a host of clients with roles that could be a match and not every position will be posted. Feel free to reach out to find a better match by emailing your resume to apply@nextpathcp.com for a recruiter to engage.

We are an Equal Opportunity Employer

View all open jobs: http://www.nextpathcp.com
