
SOC Operations Engineer

Job in Davenport, Scott County, Iowa, 52800, USA
Listing for: Twin State Technical Services
Full Time position
Listed on 2026-03-04
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, IT Support, Network Security
Salary/Wage Range or Industry Benchmark: 80,000 - 100,000 USD yearly
Job Description & How to Apply Below

Description

The SOC Operations Engineer is responsible for day-to-day security operations within managed customer environments. This role handles security-driven tickets, performs initial investigation and validation, and executes approved response actions following documented procedures. The SOC Operations Engineer also performs routine operational maintenance on security products to ensure they remain healthy, effective, and aligned with standards.

The SOC Operations Engineer is additionally responsible for supporting ongoing vulnerability management activities across managed customer environments. This work focuses on identifying, validating, tracking, and remediating security weaknesses in customer environments in a structured, repeatable manner using our toolsets.

This role is for someone who thrives on investigation and decisive response. The SOC Operations Engineer builds expertise by owning security cases end-to-end within scope, executing proven playbooks, and collaborating closely with the Security Engineer on higher-complexity events.

Key Responsibilities

Security Ticket Triage and Response (Primary Responsibility)
  • Own security-related tickets from creation through resolution within defined scope.
  • Review alerts and cases, validate whether activity is benign or suspicious, and determine customer impact.
  • Perform initial investigation using available telemetry and platform data to establish what happened and what systems or identities are involved.
  • Execute approved response actions using documented runbooks (e.g., isolate endpoint, disable account, block indicator, initiate scan, collect artifacts), when authorized and appropriate.
  • Maintain situational awareness during active incidents and keep ticket timelines accurate and current.
  • Monitor vulnerability scanning platforms and reports to identify new, recurring, or critical vulnerabilities.
  • Validate scan results across all managed assets and prioritize findings by severity, exposure, and relevance.
  • Apply documented prioritization criteria to determine remediation urgency.
Escalation and Collaboration
  • Escalate to the Security Engineer when incidents exceed defined scope, require advanced analysis, involve high business impact, or indicate coordinated or ongoing threat activity.
  • Provide high-quality handoffs including: what was observed, what was validated, actions taken, evidence collected, and recommended next steps.
  • Escalate to the Managed Services Team Lead for customer communication, dispatch coordination, and onsite actions when needed.
  • Collaborate with NOC and Maintenance roles when incidents intersect with outages, backups, patching, identity access, or broader operational issues.
  • Coordinate with internal teams and customers to support vulnerability remediation.
  • Track progress and validate vulnerability remediations.
  • Identify remediation issues and elevate to appropriate parties.
Security Product Operations and Routine Maintenance
  • Perform routine operational checks of security platforms to ensure agents, connectors, sensors, and integrations are healthy and reporting.
  • Maintain baseline operational readiness for security platforms, including verifying critical coverage and reporting on gaps.
  • Support routine tuning work by documenting noise patterns and proposing improvements to the Security Engineer.
Documentation and Process Adherence
  • Document all investigative steps, findings, evidence, and actions taken in the ticketing system using established standards.
  • Follow incident handling procedures, escalation criteria, and change management requirements when executing response actions.
  • Maintain and improve SOC runbooks and quick-reference procedures for common alert types, recurring event patterns, and remediations.
  • Contribute to consistent, repeatable security operations across customer environments.
Minimum Qualifications
  • 1+ years in IT operations, MSP service delivery, or a security-adjacent technical role.
  • Familiarity with endpoint protection concepts, identity fundamentals, and common security alert categories.
  • Strong troubleshooting ability and a disciplined approach to evidence gathering and validation.
  • Strong written communication skills in a ticketing system.
  • Ability to learn quickly and follow procedures consistently under pressure.
Preferred Qualifications
  • Prior experience with SOC workflows, ticket-driven triage, or incident response processes.
  • Familiarity with common security tooling categories (EDR, SIEM, MDR, email security, DNS filtering, MFA, vulnerability management).
  • Basic scripting skills (PowerShell and/or Python) to support repeatable operations and evidence collection.
  • Certifications such as Security+, Microsoft fundamentals, or equivalent experience.