More jobs:
SOC Engineer
Job in
Overland Park, Johnson County, Kansas, 66213, USA
Listed on 2026-07-06
Listing for:
TENEX.AI
Full Time
position Listed on 2026-07-06
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Overview
TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the MDR landscape.
Responsibilities- Handle complex incident response and escalation. Take ownership of high-severity and technically complex incidents — leading investigation, driving containment decisions, and communicating findings clearly when it counts.
- Assess and improve telemetry and logging coverage. Automate evaluation of customer environments for logging gaps and deficiencies across endpoint, network, identity, and cloud. Specify what s needed for effective detection and investigation, and work with customers and internal teams to close the gaps.
- Ensure SIEM and detection quality. Apply deep platform knowledge to evaluate detection fidelity, data normalization, parser quality, and alert logic — identifying where coverage or quality falls short and partnering with detection engineering to address it.
- Contribute to response automation quality. Work closely with the SOAR team to review enrichment logic, containment playbooks, and automation design — bringing an incident responder s perspective to what works under pressure and what doesn t.
- Support technical needs across the organization. Serve as a knowledgeable resource for forward-deployed engineers, onboarding teams, and customers on questions spanning telemetry, investigation, platform behavior, and response — representing the SOC s technical depth across functions.
- Improve SOC tooling and operational workflows. Identify friction in how analysts triage, investigate, and respond. Partner on tooling improvements, process changes, and reference content that raise consistency and quality across the team.
- 5+ years in security operations, incident response, or detection engineering with demonstrated depth across multiple domains.
- Strong fluency in logging and telemetry — able to evaluate an environment s coverage posture, identify deficiencies, and articulate what s needed for effective detection and investigation.
- Hands-on experience with SIEM platforms (Google Chronicle, Microsoft Sentinel, and/or Splunk a plus) — enough to understand data modeling, rule architecture, and parser quality, and recognize when a deployment falls short of what our MDR SOC requires.
- Solid understanding of response automation — enrichment pipelines, SOAR playbook structure, containment logic — and the judgment to evaluate whether automation is working as intended.
- Working knowledge of cloud security architecture in at least one major cloud (AWS, Azure, or GCP), including native log sources and their value for investigation.
- Scripting proficiency in Python or Power Shell for automation support, and integration work.
- Familiarity applying AI or LLM-based tooling to security workflows — investigation assistance, alert triage, log analysis, or automation — is a strong plus.
- Clear, confident communicator across technical and non-technical audiences — customers, engineers, and analysts alike.
- Multi-cloud breadth across AWS, Azure, and GCP security tooling and telemetry.
- Experience with IaC (Terraform, Cloud Formation) and Dev Sec Ops practices.
- Familiarity authoring detection runbooks, investigation guides, or SOC operating procedures.
- Splunk Enterprise Security depth — ES notable events, risk-based alerting, correlation search architecture.
- Container and Kubernetes security monitoring exposure.
- Experience building or evaluating AI-assisted security tooling, agentic workflows, or LLM-augmented investigation and response.
- Bachelor’s degree in Computer Science, Information Security, or a related field, OR equivalent work experience.
- Relevant certifications — CISSP, GCIH, GCFE, GCDA, GREM, AWS/GCP security, or SIEM platform certifications — are a plus.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×