{"schemaVersion":"jobsearcher.job.v1","id":"3377f1bdfd97e4817d220be3","url":"https://jobsearcher.com/jobs/3377f1bdfd97e4817d220be3","canonicalUrl":"https://jobsearcher.com/jobs/3377f1bdfd97e4817d220be3","title":"SecOps Engineer","description":"About the Role The Security Operations Engineer is responsible for operating the security controls that protect the company's enterprise, cloud, and mission systems, and technical response to security events across the environment. This role operates the day-to-day execution of detection, investigation, vulnerability management, and cloud security posture work, and serves as a hands-on technical authority across the security tooling stack. The Security Operations Engineer partners closely with IT, infrastructure, engineering, and product teams to reduce risk, shorten time-to-detect and time-to-respond, and ensure that security controls function reliably in regulated and non-regulated environments alike. This is a deeply technical role requiring strong engineering fundamentals, incident response experience, and the judgment to make sound security decisions under pressure.\nKey Responsibilities Detection, Monitoring & Response Operate and continuously improve the company's Security Information and Event Management (SIEM) platform, including log source onboarding, parser and normalization maintenance, detection content development, and alert tuning to minimize false positives while preserving coverage.\nBuild and maintain detection rules mapped to adversary behaviors and develop corresponding response playbooks and automation.\nServe as a first responder and technical liaison for security incidents, including triage, containment, forensic collection, root cause analysis, and post-incident review; coordinate with IT, engineering, and legal stakeholders throughout the lifecycle.\nMaintain incident response documentation, runbooks, and evidence-handling procedures suitable for regulated environments and contractual reporting obligations.\nVulnerability Management Operate the vulnerability management lifecycle across endpoints, servers, containers, and cloud workloads, including scanning cadence, finding validation, prioritization, remediation tracking, and exception governance.\nPartner with system owners and engineering teams to drive remediation within agreed service levels, and escalate aging or high-severity findings through defined risk channels.\nProduce vulnerability posture reporting and trend analysis for technical and leadership audiences.\nCloud Security Posture Management Operate Cloud Security Posture Management tooling across the company's cloud environments, including configuration baseline enforcement, drift detection, and continuous compliance monitoring against internal standards and applicable frameworks.\nInvestigate misconfigurations and risky resource states, coordinate remediation with cloud and platform teams, and contribute guardrails and preventive controls where appropriate.\nEndpoint Security Administer and tune endpoint detection and response (EDR) tooling across corporate and engineering fleets, including policy management, exclusion governance, telemetry quality, and response action workflows.\nInvestigate endpoint alerts and suspicious activity, and coordinate containment, isolation, and recovery actions with IT.\nIdentity, Access & Secrets Support operational identity and access management activities, including privileged access monitoring, access review execution, anomaly investigation, and integration of identity telemetry into detection pipelines.\nPartner with IT and engineering on secrets management hygiene, including monitoring for leaked or misused secrets and supporting remediation workflows.\nThreat Intelligence Consume, evaluate, and operationalize threat intelligence from commercial, open-source, and government sources; translate relevant intelligence into detections, hunts, and control recommendations.\nConduct periodic threat hunting across available telemetry based on current intelligence and environmental risk.\nData Loss Prevention As capacity allows, support Data Loss Prevention (DLP) tooling operations, including policy tuning, alert triage, and coordination with data owners on sensitive data handling concerns.\nSecurity Tooling Act as a technical liaison for assigned security tools, including deployment, upgrade, integration, and health monitoring; author and maintain the integrations, scripts, and automation that connect security tooling into the broader engineering and IT ecosystem.\nEvaluate new security technologies through proof-of-concept exercises and provide technical input into procurement and platform strategy decisions.\nRequired Qualifications Five or more years of progressive hands-on experience in security operations, detection engineering, incident response, or a closely related technical security discipline.\nDemonstrated expertise operating a SIEM platform in production, including detection content authoring, data pipeline management, and tuning at scale.\nProven incident response experience, including acting as a technical lead during material security events from initial triage through post-incident review.\nStrong working knowledge of cloud security in at least one major provider (AWS, Azure, or GCP), including native security services, identity constructs, and common misconfiguration patterns.\nPractical experience with vulnerability management tooling and remediation workflows across mixed environments.\nSolid scripting and automation skills in Python, PowerShell, or a comparable language, including integrating APIs across security and IT tools.\nFamiliarity with common detection engineering practices, and established incident response frameworks.\nAbility to communicate complex technical findings clearly in writing and to translate security risk for non-security audiences.\nBachelor's degree in Computer Science, Information Security, Engineering, or equivalent practical experience.\nPreferred Qualifications Experience operating in environments subject to NIST SP 800-171, CMMC, FedRAMP, ISO 27001, or comparable regulated frameworks.\nHands-on experience with AWS GovCloud, Microsoft 365 GCC High, or other sovereign cloud environments.\nExperience with EDR platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint at enterprise scale.\nExperience with CSPM platforms such as Wiz, Prisma Cloud, Orca, or equivalents.\nDetection engineering experience using Sigma, KQL, SPL, or similar query and rule languages.\nExposure to identity platforms such as Okta, Entra ID, or Ping, including their audit and telemetry surfaces.\nIndustry certifications such as GCIH, GCIA, GCFA, GCED, OSCP, or equivalent technical credentials.\nActive US security clearance, or eligibility to obtain one.\nSpire work Model Spire operates a hybrid work model, and this position will require you to work a minimum of three days per week in the office.\nAccess to US export-controlled software and/or technology may be required for this role. If needed, Spire will arrange the necessary licenses—this is not something candidates need to have before applying. #LI-DC1\nSalary The anticipated base salary range for this position is listed below. Final base salary for this role will be based on location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and disability coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire's Employee Stock Purchase Plan.\nSalary Range : $189,000 — $225,000 USD\nGlobal Perks Name Your Satellite Program (NYSP), Launch Attendance, Generous Time Off Policy, Education Assistance Program, Employee Assistance Program (EAP), Employee Stock Purchase Program (ESPP), Family Leave, Fitness Reimbursement, Employee Referral Program, Healthy snacks & beverages in every office\nAbout Spire Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire's data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.\nSpire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status.\nTo help maintain a safe and secure workplace for Spire employees, all candidates who receive a conditional offer will be required to complete a background check. This may include criminal history and employment verification.\nPlease take a moment to review Spire's Global Data Privacy Notice for Employees, Contractors, Candidates and Visitors, as well as Spire's Privacy Policy.\n\n#J-18808-Ljbffr","company":"Gotomeeting","rawCompany":"gotomeeting","city":"Boulder","state":"CO","isRemote":false,"isActive":true,"createdAt":"2026-06-23T03:24:08.261Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541519","title":"Other Computer Related Services","slug":"other-computer-related-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"SecOps Engineer","description":"About the Role The Security Operations Engineer is responsible for operating the security controls that protect the company's enterprise, cloud, and mission systems, and technical response to security events across the environment. This role operates the day-to-day execution of detection, investigation, vulnerability management, and cloud security posture work, and serves as a hands-on technical authority across the security tooling stack. The Security Operations Engineer partners closely with IT, infrastructure, engineering, and product teams to reduce risk, shorten time-to-detect and time-to-respond, and ensure that security controls function reliably in regulated and non-regulated environments alike. This is a deeply technical role requiring strong engineering fundamentals, incident response experience, and the judgment to make sound security decisions under pressure.\nKey Responsibilities Detection, Monitoring & Response Operate and continuously improve the company's Security Information and Event Management (SIEM) platform, including log source onboarding, parser and normalization maintenance, detection content development, and alert tuning to minimize false positives while preserving coverage.\nBuild and maintain detection rules mapped to adversary behaviors and develop corresponding response playbooks and automation.\nServe as a first responder and technical liaison for security incidents, including triage, containment, forensic collection, root cause analysis, and post-incident review; coordinate with IT, engineering, and legal stakeholders throughout the lifecycle.\nMaintain incident response documentation, runbooks, and evidence-handling procedures suitable for regulated environments and contractual reporting obligations.\nVulnerability Management Operate the vulnerability management lifecycle across endpoints, servers, containers, and cloud workloads, including scanning cadence, finding validation, prioritization, remediation tracking, and exception governance.\nPartner with system owners and engineering teams to drive remediation within agreed service levels, and escalate aging or high-severity findings through defined risk channels.\nProduce vulnerability posture reporting and trend analysis for technical and leadership audiences.\nCloud Security Posture Management Operate Cloud Security Posture Management tooling across the company's cloud environments, including configuration baseline enforcement, drift detection, and continuous compliance monitoring against internal standards and applicable frameworks.\nInvestigate misconfigurations and risky resource states, coordinate remediation with cloud and platform teams, and contribute guardrails and preventive controls where appropriate.\nEndpoint Security Administer and tune endpoint detection and response (EDR) tooling across corporate and engineering fleets, including policy management, exclusion governance, telemetry quality, and response action workflows.\nInvestigate endpoint alerts and suspicious activity, and coordinate containment, isolation, and recovery actions with IT.\nIdentity, Access & Secrets Support operational identity and access management activities, including privileged access monitoring, access review execution, anomaly investigation, and integration of identity telemetry into detection pipelines.\nPartner with IT and engineering on secrets management hygiene, including monitoring for leaked or misused secrets and supporting remediation workflows.\nThreat Intelligence Consume, evaluate, and operationalize threat intelligence from commercial, open-source, and government sources; translate relevant intelligence into detections, hunts, and control recommendations.\nConduct periodic threat hunting across available telemetry based on current intelligence and environmental risk.\nData Loss Prevention As capacity allows, support Data Loss Prevention (DLP) tooling operations, including policy tuning, alert triage, and coordination with data owners on sensitive data handling concerns.\nSecurity Tooling Act as a technical liaison for assigned security tools, including deployment, upgrade, integration, and health monitoring; author and maintain the integrations, scripts, and automation that connect security tooling into the broader engineering and IT ecosystem.\nEvaluate new security technologies through proof-of-concept exercises and provide technical input into procurement and platform strategy decisions.\nRequired Qualifications Five or more years of progressive hands-on experience in security operations, detection engineering, incident response, or a closely related technical security discipline.\nDemonstrated expertise operating a SIEM platform in production, including detection content authoring, data pipeline management, and tuning at scale.\nProven incident response experience, including acting as a technical lead during material security events from initial triage through post-incident review.\nStrong working knowledge of cloud security in at least one major provider (AWS, Azure, or GCP), including native security services, identity constructs, and common misconfiguration patterns.\nPractical experience with vulnerability management tooling and remediation workflows across mixed environments.\nSolid scripting and automation skills in Python, PowerShell, or a comparable language, including integrating APIs across security and IT tools.\nFamiliarity with common detection engineering practices, and established incident response frameworks.\nAbility to communicate complex technical findings clearly in writing and to translate security risk for non-security audiences.\nBachelor's degree in Computer Science, Information Security, Engineering, or equivalent practical experience.\nPreferred Qualifications Experience operating in environments subject to NIST SP 800-171, CMMC, FedRAMP, ISO 27001, or comparable regulated frameworks.\nHands-on experience with AWS GovCloud, Microsoft 365 GCC High, or other sovereign cloud environments.\nExperience with EDR platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint at enterprise scale.\nExperience with CSPM platforms such as Wiz, Prisma Cloud, Orca, or equivalents.\nDetection engineering experience using Sigma, KQL, SPL, or similar query and rule languages.\nExposure to identity platforms such as Okta, Entra ID, or Ping, including their audit and telemetry surfaces.\nIndustry certifications such as GCIH, GCIA, GCFA, GCED, OSCP, or equivalent technical credentials.\nActive US security clearance, or eligibility to obtain one.\nSpire work Model Spire operates a hybrid work model, and this position will require you to work a minimum of three days per week in the office.\nAccess to US export-controlled software and/or technology may be required for this role. If needed, Spire will arrange the necessary licenses—this is not something candidates need to have before applying. #LI-DC1\nSalary The anticipated base salary range for this position is listed below. Final base salary for this role will be based on location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and disability coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire's Employee Stock Purchase Plan.\nSalary Range : $189,000 — $225,000 USD\nGlobal Perks Name Your Satellite Program (NYSP), Launch Attendance, Generous Time Off Policy, Education Assistance Program, Employee Assistance Program (EAP), Employee Stock Purchase Program (ESPP), Family Leave, Fitness Reimbursement, Employee Referral Program, Healthy snacks & beverages in every office\nAbout Spire Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire's data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.\nSpire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status.\nTo help maintain a safe and secure workplace for Spire employees, all candidates who receive a conditional offer will be required to complete a background check. This may include criminal history and employment verification.\nPlease take a moment to review Spire's Global Data Privacy Notice for Employees, Contractors, Candidates and Visitors, as well as Spire's Privacy Policy.\n\n#J-18808-Ljbffr","datePosted":"2026-06-23T03:24:08.261Z","dateModified":"2026-06-23T03:24:08.261Z","hiringOrganization":{"@type":"Organization","name":"Gotomeeting","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Boulder","addressRegion":"CO","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"3377f1bdfd97e4817d220be3"},"url":"https://jobsearcher.com/jobs/3377f1bdfd97e4817d220be3"}}