As a Senior Security Engineer (Security Operations) at Sword, you will be at the forefront of safeguarding our cloud infrastructure, and applications. Your expertise will ensure robust security measures, incident response, and continuous improvement.
Are you looking to join an incredible IT team, passionate about simplifying everyone's work? Look no further, we're hiring! We're a proactive team, constantly staying ahead to ensure everything runs smoothly. As an IT Team we understand the importance of technology in today's workplace and the impact that technical issues can have on productivity and efficiency. Want to join the team? Find out if you've got what it takes!
What you’ll be doing:
Design and continuously improve detection and alerting controls, ensuring high fidelity and contextual relevance to reduce noise and enable rapid response.
Build, test, and automate incident response playbooks and runbooks, increasing efficiency and consistency across the incident lifecycle.
Drive prioritization of alerts using a data-driven, scalable triage framework, aligned with business impact and threat context.
Lead in-depth investigations, including root cause analysis and digital forensics, and convert findings into actionable insights to strengthen detection and resilience.
Proactively engage in threat intelligence and threat hunting, identifying new tactics, techniques, and procedures (TTPs), enriching existing controls, and feeding insights into the detection pipeline.
Own incident handling from detection to resolution, collaborating with engineering, IT, and business teams to contain, eradicate, and recover from threats.
Define and maintain operational metrics for incident response, using them to drive continuous improvement in speed, accuracy, and organizational readiness.
What you need to have:
Required: Public Trust Clearance - Candidates must be able to obtain and maintain a US public trust clearance.
Bachelor’s degree in Computer Science, Cybersecurity, or equivalent professional experience.
Solid experience in cloud environments (AWS, GCP, or Azure), with strong understanding of cloud-native threats.
Proficiency in scripting languages (e.g., Python, Bash) for automation and tooling development.
Hands-on experience with SOC tools and platforms, such as SIEM (Splunk, Sentinel, etc.), SOAR, EDR/XDR, and log management.
Strong understanding of incident containment and eradication strategies, with proven ability to coordinate response with technical teams.
Familiarity with security frameworks and standards (NIST 800-61, CIS Controls, MITRE ATT&CK, ISO 27001).
Excellent analytical, critical thinking, and problem-solving skills.
Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios.
Proficiency in process formulation and improvement.
Background in threat modeling, adversary emulation, and risk-based alert tuning.
Strong communicator with the ability to explain security risks and actions to both technical and non-technical audiences.
Proven track record of leading cross-functional efforts in high-pressure situations.
Ability to foster collaboration across InfoSec, IT, and engineering teams.
Forensics experience, investigating incidents and preserving digital evidence.
Leverage AI to automate and optimize security operations workflows, including alert triage, enrichment, and incident classification.
Design and maintain AI-assisted runbooks, ensuring consistency, auditability, and human-in-the-loop validation for critical decisions.
Identify opportunities to improve SOC efficiency through AI-driven automation, while maintaining strong controls and avoiding over-reliance on unverified outputs.
Integrate security tooling with AI platforms and APIs to streamline investigation, response, and reporting processes.
Enhance vulnerability management and incident response workflows through intelligent prioritization, correlation, and contextualization of findings.
Continuously evaluate the accuracy, reliability, and security implications of AI-assisted decisions in operational environments.
To ensure you feel good solving a big Human problem, we offer:
A stimulating, fast-paced environment with lots of room for creativity.
A bright future at a promising high-tech startup company.
Career development and growth, with a competitive salary.
The opportunity to work with a talented team and to add real value to an innovative solution with the potential to change the future of healthcare.
A flexible environment where you can control your hours (remotely) with unlimited vacation.
Access to our health and well-being program (digital therapist sessions).
Remote or Hybrid work policy.
To get to know more about our Tech Stack, check here.
Public Trust Clearance:
Candidates must be able to obtain and maintain a US public trust clearance. Please note that US citizenship is required to obtain and maintain a government security clearance.
Provides AI-driven physical therapy solutions designed to assist users in managing pain from home. The company focuses on musculoskeletal conditions and pelvic health, offering programs that promote recovery and injury prevention.
