
Mid Level Security Operations Engineer

Company:
Stratitech
Location:
Phoenix, AZ, 85003
Posted:
May 19, 2025

Description:

Mid Level Information Security Operations Engineer

Location: Phoenix, AZ or Oakland, CA (Relocating to Walnut Creek, CA) or Honolulu, HI

Industry: Maritime & Logistics

Job Type: Full-time, Hybrid (2 Days On-Site Weekly)

Work Status: No C2C or C2H

About the Company

StratITech is hiring on behalf of a leading logistics and transportation company that plays a vital role in moving goods across the globe. The company is focused on innovation, efficiency, and securing its operations—making cybersecurity a key priority.

About the Role

We’re looking for a Mid-Level Security Operations Engineer to join the security team. This hybrid role is a great fit for someone who enjoys both remote flexibility and in-person collaboration (2 days per week onsite). You’ll help monitor, investigate, and respond to cybersecurity threats, while contributing to the overall security strength of cloud and on-prem systems.

Security Operations is a critical function within the Information Security team. The individual should be proactive, analytical, and ready to respond to a wide range of cyber threats—including those targeting the maritime industry—with precision and minimal downtime.

What You'll Do

Monitor and analyze security events and logs to identify potential threats.

Respond to security incidents (e.g., phishing, malware, unusual activity), investigate root causes, and assist with remediation.

Support day-to-day operations: log monitoring, data loss prevention, compliance monitoring, and security alerts across endpoints, servers, and cloud systems.

Use SIEM and SOAR platforms to detect, correlate, and respond to security issues.

Assist in developing SOAR playbooks to enhance response automation.

Manage and tune firewalls, IDS/IPS, endpoint protection, and cloud security tools.

Help maintain and manage logging environments, including license managers, indexers, and search heads.

Collaborate with IT and cloud infrastructure teams to improve security controls.

Participate in regular security incident response testing and exercises.

Investigate and respond to incidents, conduct root cause analysis, identify vulnerabilities, and implement remediation.

Respond to phishing attacks by tracking down and recalling malicious emails and alerting affected users.

Support periodic compliance testing, metrics reporting, and documentation of procedures.

Research emerging security threats and trends to recommend countermeasures.

Collaborate with external security vendors and internal stakeholders on threat response and prevention.

What You Bring

Security Operations Experience: Hands-on SOC experience (Tier 1–2), with skills in analyzing logs, managing alerts, and triaging incidents.

Incident Response Skills: Comfortable with the full lifecycle of incident detection, containment, investigation, and reporting.

Technical Foundations: Solid knowledge of networks, system architecture, and protocols (DNS, BGP, TCP/IP, SMTP, SSL, etc.).

Tool Familiarity: Experience with Splunk, Microsoft Defender, PowerShell, Proofpoint, Office 365, and other security platforms.

Cloud Security: Familiarity with AWS, Azure, and cloud-native tools (e.g., GuardDuty, Data Explorer, Log Analytics).

System Knowledge: Understanding of Unix/Linux, Windows, macOS, shell scripting, SQL, and application security.

Soft Skills: Strong communication skills—able to explain complex issues to non-technical stakeholders, and work across teams effectively.

Process Mindset: Understanding of memory management, triage/investigation practices, and the incident response lifecycle.

Adaptability: Ability to multi-task in a fast-paced environment, handle customer-reported issues, and work independently or in teams.

Nice to Have

Security certifications such as CEH, CISSP, or GIAC (GCIH, GCIA, GCFA).

Understanding of web vulnerabilities like XSS, CSRF, SQL Injection.

Experience with vulnerability management tools and remediation strategies.

Experience supporting SOAR development and threat intelligence integrations.

Compensation & Perks

Competitive salary (commensurate with experience)

Full benefits package

Career advancement opportunities

Hybrid work model – 2 days per week onsite
