
Senior SecOps Engineer

Remote / Online - Candidates ideally in
Chicago, Cook County, Illinois, 60290, USA
Listing for: RethinkFirst
Remote/Work from Home position
Listed on 2025-10-31
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 130000 USD Yearly
Job Description & How to Apply Below

About Rethink First

Rethink First is a leading behavioral health technology company working to make mental wellness, education, and support accessible and scalable. Through our suite of cloud-based platforms—including Rethink Ed, Rethink Care, and Rethink BH—we serve educators, employers, and providers with tools that deliver measurable, inclusive outcomes.

We’re on a mission to make behavioral health more effective, equitable, and human—and we’re looking for a creative visionary to help lead that charge.

What you'll be doing

We’re seeking a Senior Security Operations (SecOps) Engineer to be responsible for engineering and improving the operational security foundation of the company — including automation, detection tuning, and incident readiness. This is an impact-driven, hands-on technical role focused on building scalable defenses and readiness and reinforcing a security-first culture.

You will partner closely with our SOC partner, acting as the technical and operational bridge to ensure high-fidelity detections, meaningful escalations, and continuous reduction of alert noise. This is ideal for someone with a software or SecOps/DevOps background who has evolved into security engineering and wants to shape how security operations run at scale.

Core Responsibilities
  • Security Automation & Engineering
    • Design, build, and maintain automation workflows to eliminate manual SecOps tasks (Python, PowerShell, APIs, orchestration tools).
    • Integrate data and events from multiple sources (EDR, SIEM, cloud logs, vulnerability scanners, identity systems) to enhance visibility and context.
    • Develop reusable scripts, playbooks, and evidence collection automations to support compliance and incident response via aggregation tools and dashboarding.
  • Third-Party SOC Partnership
    • Serve as the primary technical interface between our internal team and the managed SOC provider.
    • Continuously refine alert logic, escalation paths, and severity classifications to reduce false positives.
    • Review and validate detections, ensuring coverage aligns with the company’s threat model and risk priorities.
    • Provide feedback and data to the SOC to tune detections and automate enrichment processes.
    • Conduct after-action reviews with the SOC to improve handoffs and documentation quality.
  • Incident Response & Readiness
    • Lead internal investigation and response when incidents are escalated from the SOC.
    • Build and maintain playbooks and runbooks for repeatable, automated responses.
    • Coordinate containment, root cause analysis, and lessons learned with cross-functional teams.
    • Perform post-incident analysis to improve detection rules and reduce future alert fatigue.
  • Vulnerability & Threat Management
    • Manage the vulnerability lifecycle — scanning, prioritization, and coordination of remediation across IT and Engineering.
    • Correlate vulnerabilities with asset ownership and exposure context using automation.
    • Track and report remediation SLAs and provide risk-based metrics to leadership.
  • Cloud & Infrastructure Security
    • Partner with DevOps and engineering to implement automated guardrails and least-privilege IAM policies.
    • Conduct reviews of cloud configurations (AWS, Azure, GCP) and recommend automated controls.
    • Build event-driven detection and response functions using cloud-native tools.
  • Collaboration & Mentorship
    • Work closely with Compliance to provide evidence for audits (SOC 2, HITRUST).
    • Mentor junior security team members and offshore resources in automation, scripting, and incident response.
    • Advocate for “build once, automate forever” within security operations.
Required Qualifications
  • 8+ years of experience in SecOps, DevOps, security engineering, or software development with an automation focus in SaaS environments.
  • Proficient in scripting and automation (Python, PowerShell, etc.) and integrating with APIs.
  • Experience managing or collaborating with a managed security provider (MSSP/MDR/SOC).
  • Strong grasp of SIEM and EDR ecosystems, including alert tuning and log analysis.
  • Familiarity with cloud security (AWS, Azure) and infrastructure-as-code concepts.
  • Excellent analytical, communication, and documentation skills.
Preferred Qualifications
  • Background in software or…
Position Requirements
10+ Years work experience