
SOC Engineer
Kforce Inc, New York, NY, United States
Kforce has a client that is seeking a Security Automation & Operations Engineer (SOC) in the greater New York City area or Boston Metro (On-site/Hybrid). The mission is to scale defensive capabilities within a large-scale enterprise environment. This is an engineering-centric role that values building automated systems over traditional “eyes-on-glass” analysis.
Responsibilities
Architect end-to-end incident response lifecycles, from initial signal ingestion to automated containment and post-remediation.
Build and refine complex playbooks to handle data enrichment, triage, and rapid response, reducing manual intervention.
Bridge gaps between disparate security layers—including identity providers, cloud infrastructure, and endpoint protection—through custom integrations and APIs.
Optimize the quality of security telemetry to ensure every alert is actionable, contextual, and high-fidelity.
Implement auditable automation with robust human-in-the-loop approvals and logging guardrails.
Define and track success through technical KPIs such as MTTA (Mean Time to Acknowledge) and MTTR (Mean Time to Remediate).
Requirements
Proven track record in security engineering, IR automation, or DevSecOps within complex environments.
Strong fundamentals in systems software, including experience with version control (Git), scripting, and API development.
Proficiency with enterprise-grade SIEM/Log Management platforms, cloud service providers, and endpoint telemetry.
Operational mindset: ability to translate real-world incident pain points into scalable, automated solutions.
Preferred Qualifications
Experience securing multi-cloud or hybrid-cloud architectures.
Background in detection engineering, including purple teaming or adversary emulation.
Familiarity with incorporating LLMs or AI-driven workflows into security operations within a governed framework.
Why This Role
You will join an established team with the autonomy to modernize legacy processes without the burden of “starting from scratch.” Builders who want to experiment, iterate, and see their engineering efforts directly improve the organization’s resilience will thrive here.
Compensation & Benefits
Pay range: "$X‑$Y", based on education, certifications, experience, and other factors. Salary may be modified over time and is not guaranteed. The amount and availability of compensation remain in Kforce’s sole discretion until paid and may be modified in accordance with the law.
We offer comprehensive benefits, including medical, dental, and vision insurance; HSA, FSA; 401(k); and life, disability, and ADD insurance to eligible employees. Salaried personnel receive paid time off; hourly employees do not receive paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
This position is not eligible for bonuses, incentives, or commissions.
Equal Opportunity Statement
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.