Security Operations Engineer

We are seeking a detail-oriented SecOps Engineer to join our Security team. This role is ideal for an early-career security professional or someone transitioning into cybersecurity who wants to gain hands-on experience with enterprise security tools and compliance frameworks. You'll work closely with senior Security team members to protect our organization's assets, ensure compliance, and respond to security incidents.

What You’ll Do

Security Operations & Monitoring

• Monitor and analyze security alerts using CrowdStrike for endpoint detection and response
• Conduct security analysis and triage of incidents, escalating complex issues appropriately
• Support comprehensive vulnerability management program using Wiz.io, including asset inventory maintenanceAssist with CVSS scoring, risk assessment, and vulnerability prioritization
• Support change control processes to ensure security considerations are integrated into system modifications
• Respond to security-related inquiries via designated security email channels
• Assist with continuous monitoring activities for FedRAMP Moderate-equivalent environment

Identity & Access Management

• Perform regular IAM reviews using Okta to ensure appropriate user access and permissions
• Support user provisioning and deprovisioning processes
• Assist with access certification campaigns and access reviews
• Monitor for unauthorized access attempts and suspicious authentication activities

Compliance & Risk Management

• Support SOC2 Type II audit activities including evidence collection for 85+ controls across multi-application environment
• Assist with FedRAMP Moderate-equivalent documentation and NIST SP 800-53 control implementation (325+ controls)
• Assist with completion of routine security questionnaires from customers and partners
• Support third-party vendor security assessments and partnership evaluations
• Assist with enterprise risk register maintenance and business impact analysis
• Maintain compliance documentation using Vanta for automated evidence collection across multiple frameworks
• Support monthly SOC2 sampling and testing procedures

Application Security

• Participate in CI/CD security approval processes to ensure secure software deployment
• Conduct basic web application security testing using Burp Suite
• Support penetration testing activities coordinated through Cobalt
• Review code changes for potential security implications

Customer Security Support

• Assist with security questionnaire responses for customer assessments
• Support pre-sales security discussions
• Help prepare customer-facing compliance documentation (CMMC, FedRAMP)
• Assist with partnership security assessment documentation

Network Security & Cross-Team Collaboration

• Monitor network traffic and security events through Zscaler
• Assist with firewall rule reviews and network access control
• Support incident response activities related to network security events
• Collaborate with Cloud Ops, CAPE, Development, SysOps, and Legal teams on security initiatives
• Support cross-functional security projects and daily integration requirements

 Your First 90 Days

In your First 30 Days, you’ll focus on building a strong foundation in our security tools, systems, and processes. You’ll complete onboarding to gain familiarity with platforms such as CrowdStrike, Wiz.io, Okta, and Zscaler, while also learning about our compliance frameworks, including SOC2 and FedRAMP Moderate-equivalent. You’ll shadow other team members as they respond to security incidents, monitor alerts, and conduct vulnerability reviews. By the end of your first 30 days, you’ll be actively contributing to daily security operations, such as triaging alerts, assisting with IAM reviews, and supporting compliance documentation.

 By Day 60, you’ll start taking on more ownership of security operations. This includes analyzing alerts, contributing to the vulnerability management program, and assisting with monthly SOC2 sampling and testing. You’ll collaborate across teams, such as Cloud Ops and Development, on security-specific initiatives. Additionally, you’ll begin participating in customer security support tasks, including helping with security questionnaire responses and internal evidence collection for audits. Through these efforts, you’ll strengthen your understanding of how security integrates with broader business operations.

 By Day 90, you’ll be a key contributor to our Security team. You’ll support efforts to streamline security processes, optimize monitoring and analysis workflows, and proactively identify areas for improvement. You’ll confidently support compliance and risk management activities, such as completing security assessments and updating documentation. You’ll also work hands-on with application security tasks, assist with penetration testing activities, and collaborate on cross-functional projects to enhance our overall security posture. With your growing expertise, you’ll play an integral role in protecting our organization and supporting our customers.

 Who You Are

• 2+ years’ experience in cybersecurity or IT operations
• Basic understanding of information security principles and frameworks
• Familiarity with enterprise-scale security operations and compliance requirements
• Understanding of NIST SP 800-53 controls or similar security frameworks
• Strong analytical and problem-solving skills
• Excellent written and verbal communication skills with ability to interact with customers
• Ability to work collaboratively across multiple teams
• Detail-oriented with strong organizational skills
• Ability to handle multiple competing priorities in a fast-paced environment
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related

 Your Differentiators

• Security+ or other relevant cybersecurity certifications
• Experience with the following tools: CrowdStrike, Okta, Zscaler, Wiz.io, Burp Suite, Vanta, or similar security platforms
• Basic understanding of compliance frameworks (SOC2, FedRAMP)
• Experience with cloud platforms (AWS, Azure, GCP)
• Knowledge of scripting languages (Python, PowerShell, Bash)
• Familiarity with SIEM/SOAR platforms and vulnerability management
• Experience working in regulated industries or enterprise environments

Our Values

• We are a Team. Employees, customers, and partners working together.
• We are Customer-Focused. Customers are the heart of everything we do. 
• We are Driven. Seeking exceptional outcomes. 
• We own our Success. Every employee has a stake in our company. 
• We do the right thing and have fun in the process. 

 The salary range for this opportunity is $73,900 – 95,000 per year. You will be eligible for employee equity and discretionary bonus compensation, subject to plans that may be in effect from time to time. You will further be eligible to participate in Unanet’s employee benefits plans and programs. For more details on Unanet’s benefits offerings, please visit https://unanet.com/employee-benefits.   

Unanet is proud to be an Equal Opportunity Employer. Applicants will be considered for positions without regard to race, religion, sex, national origin, age, disability, veteran status or any other consideration made unlawful by applicable federal, state or local laws.