Senior SecOps Engineer

About the role: Forter is looking for a Senior SecOps Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, automating processes, analyzing security incidents, managing security tools, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SecOps Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture. Why should you join us? At Forter, you’ll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SecOps Engineer, you will lead initiatives to enhance SOC capabilities with cutting-edge technologies and automation tools, directly influencing Forter’s ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, while collaborating with industry experts in cloud security, fraud prevention, and data analytics, and experimenting with the latest SIEM, SOAR, EDR, and cloud-native security technologies. This is more than just a job; it’s an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry. What you will be doing: Drive SOC workflow automation using SOAR, and oversee the full lifecycle management (deployment, tuning, operation) of core security tools like EDR aiming to increase automation coverage and consistency. Lead Cloud Security Monitoring, including managing AWS security logs via SIEM and working with the Infrastructure team for proactive cloud defense. Perform continuous Security Monitoring and Threat Detection, building custom queries and dashboards to enhance visibility across platforms. Develop and execute Proactive Threat Hunting procedures to identify potential risks. Enhance and coordinate the Incident Response process, working with cross-functional teams through containment, eradication, and post-incident analysis. Collaborate with third-party vendoDrs for managed security services and specialized tools. What you’ll need? Experience: 5+ years in SecOps/IR with hands-on threat detection and mitigation, specifically in cloud-centric, production-scale environments. Technical Skills: Strong capability in Cloud-focused threat detection, incident response, and analysis of complex attack patterns. Skilled in writing SIEM queries/alerts with an outcome-orientation (e.g., measurable improvements in MTTD or alert fidelity). Scripting Automation: Knowledge of Python, SQL, or Bash for SOC automation, with practical experience building SOAR playbooks, data enrichment scripts, and Detection-as-Code solutions. AI LLM Security: Understanding of the AI threat landscape (including adversarial ML and OWASP Top 10 for LLMs) and exposure to securing GenAI pipelines. Investigations: Extensive experience with end-to-end security investigations, deep knowledge of security network protocols, and familiarity with the OWASP Top 10 vulnerabilities. Security Tools: Hands-on experience managing, configuring, and investigating security events across EDR, Firewall, SIEM, and SOAR platforms. Core Skills: Strong problem-solving, analytical, and organizational skills. Comfort leading initiatives without direct authority, a security-first approach, and the ability to mentor SOC analysts. It’d be cool if you also: [NOT A MUST] Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements. Have one or more certifications: CRTP, OSCP, OWSP, OSDA, GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications. Experience with building agents and utilizing LLM\A ... (truncated, view full listing at source)