Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Engineer

$125k - $155k

Realtime

Security Operations & Production Security Engineer

Role Summary

We are looking for a mid-level Security Operations & Production Security Engineer to support Realtime's growing security, architecture, and production operation's needs. This role will bridge security operations, detection engineering, incident response, cloud/identity security, and production readiness.

The ideal candidate is hands-on, adaptable, and comfortable wearing multiple hats in a small team. This person will help operate and improve our security monitoring stack, support incident response, tune detections, maintain runbooks, validate security controls, coordinate with managed SOC/MDR partners, and help ensure systems are secure, observable, supportable, and ready for Day 2 operations.

This role is best suited for someone who has strong SOC experience but wants to grow into security engineering, production support, automation, and architecture-adjacent responsibilities.

Why This Role Is Needed

Realtime's security team is small and needs someone who can sit between the Security Architect and the Junior Analyst. The Security Architect should stay focused on architecture, governance, risk, security strategy, control design, and executive-level decision support. The Junior Analyst can help with monitoring, ticketing, and basic triage.

This role fills the operational gap by owning the hands-on security engineering and production security work: detection tuning, incident coordination, tool administration, Jira/Slack workflow hygiene, runbooks, dashboards, Identity management, evidence collection, and day-to-day security operations.

Key Responsibilities

Security Operations & Monitoring

  • Monitor and triage alerts across Microsoft Defender, Sentinel, Huntress/MDR, Wiz, Datadog, Jira, and Slack channels.
  • Validate alert severity, business impact, affected assets, containment status, and escalation requirements.
  • Coordinate security events from initial triage through containment, documentation, closure, and post-incident follow-up.
  • Support daily dashboard review, security ticket queues, alert quality checks, and operational reporting.

Detection Engineering & Tuning

  • Develop, tune, and maintain detection logic in Huntress, Defender, KQL, and related tools.
  • Reduce false positives and alert noise by reviewing recurring detections, suppression logic, enrichment opportunities, and escalation criteria.
  • Help build and improve alert runbooks, investigation workflows, and playbooks for phishing, malware, suspicious sign-ins, cloud exposure, endpoint events, and account compromise.
  • Support basic SOAR/automation efforts using Logic Apps, playbooks, webhooks, or other workflow tools.

Incident Response & Production Security

  • Assist with incident response for endpoint, identity, cloud, email, and suspicious activity events.
  • Coordinate containment actions such as endpoint isolation, identity reset, access revocation, escalation to Tier 2/Tier 3 SOC, and follow-up remediation.
  • Maintain incident timelines, evidence, RCA notes, lessons learned, and closure documentation.
  • Help ensure P1/P2 incidents have clear communication, structured Slack threads, linked Jira tickets, and documented executive summaries when needed.

Cloud, Identity & Endpoint Security

  • Support security operations across Microsoft Defender, Microsoft Entra ID, Microsoft 365, Azure, endpoint protection, and cloud risk tools.
  • Help review suspicious sign-ins, MFA/SSO issues, risky users, privileged account activity, and access control gaps.
  • Assist with cloud exposure triage from Wiz or similar tools, including severity validation, ticket routing, and remediation tracking.
  • Support least-privilege reviews, conditional access validation, endpoint security posture, and security control checks.

Production Readiness & Change Support

  • Support the Day 0 / Day 1 / Day 2 operating model by helping confirm that new systems and changes are ready for production from a security operations perspective.
  • Review or help prepare monitoring requirements, alert runbooks, support escalation paths, rollback considerations, security validation evidence, and operational handoff materials.
  • Work with architecture, engineering, and operations teams to ensure production changes are documented, traceable, and supportable.
  • Help maintain CMDB/Jira asset relationships, monitoring links, runbook references, and security control mappings where needed. Realtime's configuration management materials specifically call out CMDB accuracy, monitoring coverage, alert routing, runbook linkage, support RACI, SLA/SLO mapping, and operational acceptance as part of Day 2 readiness.
  • Documentation, Metrics & Continuous Improvement
  • Create and maintain security runbooks, knowledge base articles, investigation guides, escalation procedures, and incident templates.
  • Track and report operational metrics such as alert volume, false positives, SLA breaches, time to acknowledge, time to isolate, time to contain, and closure quality.
  • Identify recurring issues and recommend improvements to detections, workflows, tooling, dashboards, and team processes.
  • Help mentor the Junior Analyst by reviewing tickets, improving triage quality, and sharing investigation techniques.

Required Qualifications

  • 3–5 years of experience in SOC operations, security operations, production support, security engineering, or a similar hands-on cybersecurity role.
  • Experience with Microsoft security tools such as Microsoft Defender, Microsoft Sentinel, Microsoft Entra ID, Microsoft 365 security, or Azure security services.
  • Ability to investigate alerts using SIEM/EDR data, KQL, logs, endpoint telemetry, identity logs, and cloud signals.
  • Experience with incident triage, phishing investigations, malware alerts, suspicious sign-ins, endpoint events, and escalation workflows.
  • Basic understanding of cloud security, identity security, MFA, SSO, conditional access, endpoint protection, and vulnerability/cloud exposure management.
  • Ability to write clear documentation, incident notes, runbooks, ticket updates, and executive-ready summaries.
  • Comfortable working in a small team where priorities change, and the person may need to support operations, engineering, documentation, and coordination.
  • Strong communication skills and ability to work across Slack, Jira, Teams, security tools, managed SOC providers, engineers, and business stakeholders.

Preferred Qualifications:

  • Experience with Identity management, Defender, KQL, Logic Apps, SOAR/playbook automation, or detection tuning.
  • Experience with tools such as Huntress, Wiz, Datadog, Jira Service Management, Slack, OpenIAM
  • Security+, Microsoft SC-200, CySA+, GCIH, Microsoft AZ-500, CCSP, CISSP, or similar certifications.
  • Exposure to ITIL, change management, ARB/CAB processes, CMDB, production readiness, or operational handoff.
  • Basic scripting or automation experience with PowerShell, Python, Logic Apps, APIs, or workflow automation.
  • Experience working in an MSSP, MDR, SOC, or 24/7 operations environment.

Salary Range: $125,000 -155,000 annually , plus a target 5% annual performance bonus which will be based on the employee's and company's performance. Final compensation will be based on the candidate's experience and qualifications. Our pay structure considers various geographical markets within the United States. The base salary for this role reflects the typical expected earnings. However, the final compensation package is determined by several factors, such as your location, job-specific expertise, skills, experience, and other relevant job-related considerations. What We Offer:

  • A unique opportunity to shape the journey of realtime

  • Working within a rapidly growing, game-changing business

  • Remote, flexible working options

  • Competitive compensation

  • Generous STI and LTI provisions

  • Health, Dental and Vision Insurance

  • Paid Annual Leave

  • Paid Sick Leave

  • 401K, and more

Equal Opportunity Statement:

Realtime is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected status. Application Window : Applications are accepted on an ongoing, continuous basis until the position is filled.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Security Engineer in United States vacancy
  •  ...with J.P. Morgan to connect them with exceptional professionals for this role. JOB DESCRIPTION We are looking for a Security Engineer to build a security platform to secure the firm's usage of SaaS platforms. The platform will monitor security posture and threat... 
    Suggested

    J.P. Morgan

    Plano, TX
    2 days ago
  •  ...MANTECH to connect them with exceptional professionals for this role. MANTECH seeks a motivated, career and customer-oriented Security Engineer to join our team in Springfield, VA. This position will serve as the Assessment & Authorization (A&A) authority for the... 
    Suggested
    Work at office

    MANTECH

    Springfield, MA
    6 days ago
  •  ...design teams for Google Workspace.  What you'll do Lead Security for Our Platform. Take charge of application, cloud, network,...  ...Collaborate with Cross-Functional Teams. Partner closely with engineering, product, and GRC to embed security throughout the software development... 
    Suggested
    Full time
    Flexible hours

    Sierra

    San Francisco, CA
    12 hours ago
  •  ...role is focused specifically on owning and maturing container security across AWS environments (ECS, EKS, and Serverless) with a strong...  ..., improve coverage and monitoring, and partner closely with engineering teams to ensure secure-by-default container deployments without... 
    Suggested

    Vanguard

    Malvern, PA
    9 days ago
  •  ...enterprise software architectures that support the bank's information security operations functions. This role performs feedback and...  ...bank. The position serves as a technical resource for security engineering initiatives, applying advanced knowledge to evaluate, build, and... 
    Suggested
    Remote work

    WesBanco Bank Inc.

    Wheeling, WV
    4 days ago
  • $165k - $185k

     ...office, with no required office days during the summer and winter holidays). About the Role Betterment is hiring a Sr. Security Engineer, Corporate Information Security to be a principal member of the Workforce Security team. We're responsible for managing... 
    Temporary work
    For contractors
    Summer holiday
    Work at office
    Local area
    Flexible hours

    Betterment

    New York, NY
    1 day ago
  • $150k - $350k

     ...Security Engineer, Application Security Figure is an AI Robotics company developing a general purpose humanoid. Our humanoid robot, Figure 02, is designed for commercial tasks and the home. We are based in San Jose, CA and require 5 days/week in-office collaboration... 
    Full time
    Work at office

    Figure

    San Jose, CA
    3 days ago
  • $8,020 per month

     ...Description Office of the Illinois Secretary of State Alexi Giannoulias Job Title:        Information Systems Advisor II – Security Engineering Division: Information Security Union:            IFT Location:        501 S 2nd St, Springfield, IL - Sangamon... 
    Work at office
    Remote work

    Illinois Secretary of State

    Springfield, IL
    10 days ago
  • $104k - $156k

     ...Overview Job Overview As an Advanced Security Engineer focused on Endpoint Security, you will design, build, and operate security controls that protect Relativity’s employee endpoints and the enterprise systems they access. You will help establish hardened, standardized... 
    Remote work

    Relativity

    Salt Lake City, UT
    1 day ago
  • $325k - $405k

     ...About the Team Security is at the foundation of OpenAI's mission to ensure that artificial general intelligence benefits all of humanity...  ...a robust security culture. About the Role As a Security Engineer, Application Security you will be responsible for identifying and... 
    Work at office
    Remote work
    Relocation package

    Dormont Manufacturing Company

    San Francisco, CA
    5 days ago
  •  ...ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers ICS/OT Cybersecurity Engineers and ICS/OT Network Security Engineers support clients in assessing, improving, and maintaining the cybersecurity posture of their ICS/OT environments to mitigate security... 
    Work at office
    Remote work

    Logical Systems

    Jackson, TN
    4 days ago
  •  ...Security Engineer - Application Security Locations: Charlotte NC, Chandler AZ, Westlake TX (Hybrid), (3 days onsite) Duration: 12+ Months Contract W2 Contract Only Required Qualifications: ~5+ years of Application Security Engineering experience, or equivalent... 
    Contract work
    Work experience placement

    Syntricate Technologies

    Chandler, AZ
    4 days ago
  •  ...began with operational use cases has quickly evolved into a horizontal AI automation layer used across IT, HR, Finance, Security, Legal, and Engineering. Our mission is to eliminate repetitive, manual work across the enterprise and give teams leverage through intelligent... 

    Serval

    San Francisco, CA
    2 days ago
  •  ...About the role This is where security meets innovation at enterprise scale. As a security engineer, applications at WRITER, you’ll be building the security foundations that protect the AI systems powering some of the world’s most recognizable brands. You’ll work at the... 
    Full time
    Local area
    Flexible hours

    Writer.ly

    Seattle, WA
    1 day ago
  •  ...San Francisco, NYC, or London offices. You’ll own application security at a company where the app layer is the highest‑priority security...  ...and guardrails that make the safe path the easy path for 50+ engineers Threat models for new features and architecture changes –... 
    Remote work
    Shift work

    Mercor Inc

    San Francisco, CA
    2 days ago
  •  ...this role. The Lead Senior Network Operations Center (NOC) Engineer (Tier 3) serves as the highest technical escalation point within...  ...recovery efforts during major outages involving routing instability, security incidents, hardware failures, or cloud connectivity disruptions... 
    Night shift

    Vanguard

    Charlotte, NC
    10 days ago
  • $100k - $200k

     ...no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest...  ...in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the... 
    Full time
    Contract work
    Remote work
    Work from home
    Home office
    Relocation package

    Trail of Bits

    New York, NY
    5 days ago
  • $104k - $156k

     ...Posting Type Remote/Hybrid Job Overview The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the operational backbone of the enterprise security function. Operating within a layered defense-in-depth program, this engineer owns... 
    Remote work

    Relativity

    Chicago, IL
    2 days ago
  •  ...Security Engineer – Application Security Fragomen is seeking a Security Engineer – Application Security to join our talented Cyber Security team in our Technology Innovation Lab in Pittsburgh. We are looking for professionals who are passionate about security, capable... 

    600 Mobility Tech Solutions LLC

    New York, NY
    4 days ago
  •  ...AWS Security Engineer/Security Engineer Location: Irvine, CA Duration: Full Time Job Description: • 5–10 years of experience in cloud security engineering, with a strong focus on AWS. • Proficiency in AWS security services (e.g., GuardDuty, Security Hub, IAM... 
    Full time

    JConnect Infotech

    Irvine, CA
    4 days ago
  •  ...Information Security Advisor - Network Decryption Engineer Location: Indianapolis IN, Atlanta GA, Mason OH, Tampa FL, Grand Prairie TX Hours: Standard working hours Travel: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration... 
    Work at office
    2 days per week
    1 day per week

    Elevance Health

    Tampa, FL
    5 days ago
  • $209k - $313k

     ...Senior Security Engineer Snap Inc is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn... 
    Live in
    Work at office
    Local area

    Snap

    Santa Monica, CA
    5 days ago
  •  ...To support enhanced logging and monitoring initiatives, the remote IAM Security Engineer will manage Highly Privileged Access (HPA) Logging and Monitoring, collaborate with technology teams to onboard applications to Splunk, and execute functional testing while identifying... 
    Remote work

    Virtual Vocations Inc

    United States
    1 day ago
  • $111.16k - $150.39k

     ...Cyber and IT Risk Management Skills: Cloud Infrastructure Security,Cloud Security,System Security Experience: 5 + years of...  ...while you advance your career. Join GDIT as a Multi‑Cloud Security Engineer and build an impactful career in enterprise IT, working with... 
    Temporary work
    Immediate start
    Remote work
    Worldwide
    Flexible hours

    General Dynamics Information Technology

    Fairfax, VA
    1 day ago
  • $112.8k - $257k

     ...Security Engineer The Opportunity: We need a technical professional responsible for designing, building, and maintaining systems that protect an organization's data, networks, and IT infrastructure from cyber-attacks. In this position, you will focus on proactive... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Annapolis, MD
    5 days ago
  • $93.37k - $153.4k

     ...Job Title: Endpoint Security Engineer Role Overview: This role will be responsible for designing and implementing security controls to protect data, applications, and infrastructure from evolving cyber threats. The Security Engineer will collaborate cross-functionally... 
    Temporary work
    Work at office
    Relocation package
    Flexible hours

    McAfee

    San Jose, CA
    1 day ago
  •  ...Develop test plan and test cases for end-to-end application (API) security testing of 5G core systems, RAN systems and backend systems...  ...• Bachelor's degree Computer Science, Electrical Engineering, or Computer Engineering preferred • Strong understanding of... 

    Texas State Library and Archives Commision

    Philadelphia, PA
    1 day ago
  • $98.9k

     ...What you can expect The Security Engineer is responsible for security design and reviews across our products and services. The ideal candidate brings broad technical expertise and hands-on experience in end-to-end product security. In this role, you'll collaborate with... 
    Work at office
    Remote work

    Zoom Corporation

    Des Moines, IA
    3 days ago
  • $180k - $200k

     ...is our specialty, we also focus on ICAM, Zero Trust, digital engineering and transformation, and enterprise AI and intelligent automation...  ...and share in the many benefits and opportunities we offer. Security Engineer III Responsibilities: Leads enterprise security... 
    For contractors

    Electrosoft

    Washington DC
    5 days ago
  • $93.4k - $176.2k

     ...technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations....  ...government forward! **You are:  ** We are seeking a Security Engineer to assist in the design, development, and implementation of security... 
    Live in
    Work at office
    Local area

    Accenture

    Washington DC
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Engineer. Be the first to apply!