Information Security Engineer - Security Operations (SOC)
Harris Health System
About Us
Harris Health System is the public healthcare safety-net provider established in 1966 to serve the residents of Harris County, Texas. As an essential healthcare system, Harris Health champions better health for the entire community, with a focus on low-income uninsured and underinsured patients, through acute and primary care, wellness, disease management and population health services. Ben Taub Hospital (Level 1 Trauma Center) and Lyndon B. Johnson Hospital (Level 3 Trauma Center) anchor Harris Health's robust network of 39 clinics, health centers, specialty locations and virtual (telemedicine) technology. Harris Health is among an elite list of health systems in the U.S. achieving Magnet® nursing excellence designation for its hospitals, the prestigious National Committee for Quality Assurance designation for its patient-centered clinics and health centers and its strong partnership with nationally recognized physician faculty, residents and researchers from Baylor College of Medicine; McGovern Medical School at The University of Texas Health Science Center at Houston (UTHealth); The University of Texas MD Anderson Cancer Center; and the Tilman J. Fertitta Family College of Medicine at the University of Houston.
Job Profile
Job Summary:
The Information Security SOC Engineer is a hands-on cybersecurity professional responsible for engineering, operating, and automating detection and response capabilities. The engineer designs and maintains content in Microsoft Sentinel (data connectors, analytics rules, hunting queries, workbooks), enhances protections with Microsoft Defender (Endpoint/XDR, Office 365, Identity), and builds automation using Azure Logic Apps.
Key Responsibilities:
Typical duties may include:
Detection Engineering & SIEM Operations (Microsoft Sentinel and Rapid 7)
Own Sentinel content lifecycle including data ingestion, analytic rules, KQL queries, UEBA tuning, watchlists, and dashboards.
Develop hunting queries and proactive threat detection logic.
Implement incident enrichment and correlation across multiple data sources.
Endpoint, Email, and Identity Protection (Microsoft Defender)
Engineer configurations within Microsoft Defender for Endpoint/XDR, Defender for Office 365, and Identity protection.
Integrate Defender alerting with Sentinel for enhanced detection correlation.
Automation & Orchestration (Azure Logic Apps)
Build, deploy, and manage Logic Apps SOAR playbooks for automated triage, enrichment, and response.
Implement approval flows, track automation metrics, and improve MTTR.
Incident Response & Collaboration
Support containment, eradication, and recovery of security incidents.
Conduct post-incident reviews and update detection logic and processes accordingly.
Runbooks, Documentation & Continuous Improvement
Maintain engineering runbooks, playbooks, and process documentation.
Track SOC metrics and produce security operational dashboards.
Required Qualifications & Skills:
Bachelor's degree in Cybersecurity/IT or equivalent experience.
24+ years in SOC, SIEM engineering, or detection/response roles.
Experience building automation.
Strong understanding of incident response and MITRE ATT&CK.
Experience integrating MSSP feeds and third-party tools.
Certifications such as SC-200, SC-100, AZ-500, Security+, CEH.
Strong analytical and communication skills.
Team-oriented with a positive and professional approach.
Preferred Qualifications:
Hands-on experience with Microsoft Sentinel (KQL, analytics rules, workbooks, connectors).
Hands-on experience with Microsoft Defender (Endpoint/XDR, Office 365, Identity).
Scripting experience (PowerShell, Python).
Experience building automation using Azure Logic Apps.
Benefits & EEOC
Harris Health System's benefits program is designed to provide you with more flexibility and choices in meeting your specific needs. Harris Health System's benefits program allows you to protect your income in case of illness, death and disability, and to help you save for retirement. It is the policy of Harris Health System to provide equal opportunity for all applicants for employment regardless of political affiliation, race, color, national origin, age, sex, religious creed or disability. Applicants may request any reasonable accommodation(s) to participate in the application process.
Job Category
Information Technology