Security Operations Engineer - Remote

This role is responsible for executing hands-on security operations to protect the organization's cloud environments, systems, and data. This role focuses on detecting, validating, and responding to security threats by performing direct mitigation and remediation actions within AWS and Azure environments, while ensuring security alerts produce high-fidelity, actionable incident notifications. This role supports day-to-day security operations by triaging alerts, tuning detections, and executing predefined response actions to contain threats and remediate vulnerabilities. This individual works closely with detection engineering, cloud, and platform teams to maintain the reliability and effectiveness of security controls, automate response workflows, and reduce operational risk across the environment. This role requires strong hands-on technical skills in cloud security tooling, incident response execution, and operational automation, along with the ability to follow established procedures and contribute to continuous improvement efforts. The Security Operations Engineer applies sound judgment, attention to detail, and effective communication to support incident response activities, improve alert quality, and strengthen the organization's overall security posture.

Essential Job Functions:

• Monitor, investigate, and respond to security alerts across cloud, endpoint, network, and identity platforms, validating threats and determining appropriate response actions.

• Execute mitigation and remediation actions within AWS and Azure environments, including access revocation, configuration changes, policy updates, and resource isolation.

• Build, tune, and maintain detections in SIEM, EDR, and cloud-native security tools to improve alert fidelity and reduce noise.

• Materially contributes to incident response activities, including triage, containment, eradication, recovery, and post-incident lessons learned.

• Perform root-cause analysis on security incidents and near-misses and drive corrective actions to prevent recurrence.

• Develop, maintain, and execute security runbooks, response playbooks, and operational documentation to ensure consistent and repeatable response.

• Implement and support automation and response workflows using scripting, APIs, and cloud-native tooling to reduce MTTR.

• Partner with cloud, infrastructure, and application teams to remediate findings, harden systems, and reduce attack surface.

• Support threat hunting activities using logs, telemetry, and attacker TTPs to identify suspicious or malicious behavior not detected by existing alerts.

• Assist with vulnerability management, including validation of findings, prioritization based on risk, and remediation tracking.

• Monitor cloud environments for misconfigurations, control failures, and drift, and take corrective action as required.

• Contribute to tabletop exercises, purple team activities, and continuous defensive improvement efforts.

• Stay current with emerging threats, technologies, and industry best practices, recommending strategies to evolve the organization's security defenses.

• Other activities as may be assigned by your manager

• Bachelor's degree in information security, Computer Science, or related field (or equivalent experience).

• Experienced professional with 5+ years of industry and/or relevant experience, typically at a Senior Analyst or Analyst level role or external equivalent.

• 3-5 years of professional experience in information security with progressive responsibility preferred

• Strong knowledge of SIEM, DLP, e-mail security, endpoint security, and cloud security technologies.

• Hands-on experience securing and operating within AWS and Azure environments, including identity, networking, and native security services.

• Working knowledge of infrastructure-as-code, scripting, or automation technologies (e.g., Terraform, CloudFormation, PowerShell, Python, or similar).

• Ability to execute security remediation actions using cloud consoles, APIs, and automation tools.

• Expertise in incident response, threat hunting, and security operations.

• Familiarity with risk management frameworks and compliance standards (NIST, CIS, etc.).

• Relevant certifications such as Security+, CySA+, GCIA, GCIH, AWS Certified Security - Specialty, Azure Security Engineer (AZ-500), SC-200, or equivalent cloud and security operations certifications are strongly preferred.

• Excellent problem-solving, analytical, and communication skills.

The annual full time base salary range for this role is

$110,000.00 - $140,000.00

Specific compensation is determined through interviews and a review of relevant education, experience, training, skills, geographic location and alignment with market data. Additionally, certain positions may be eligible to receive a discretionary bonus as determined by bonus program guidelines, position eligibility and SitusAMC Senior Management approval. SitusAMC offers PTO and paid holidays, the terms of which are set forth in the program policies. All full time employees also are eligible to participate in various benefit plans, including medical, dental, vision, life, disability insurance and 401K; in each case in accordance with the terms of the applicable plans.

Pay Transparency Nondiscrimination Provision (https://go.situsamc.com/rs/962-QMP-613/images/pay-transp_%20English_formattedESQA508c.pdf?version=0)

SitusAMC is where the best and most passionate people come to transform our client's businesses and their own careers. Whether you're a real estate veteran, a passionate technologist, or looking to get your start, join us as we work together to realize opportunities for everyone, we proudly serve. At SitusAMC, we are looking to match your unique experience with one of our amazing careers, so that we can help you realize your potential and career growth within the Real Estate Industry. If you are someone who can be yourself, advocate for others, stay nimble, dream big, own every outcome, and think global but act local - come join our team!