SOC Engineer II

Summary

Join Toast's dynamic team as a Security Operations Engineer and safeguard cutting-edge restaurant technology. Participate in incident response, forensic investigations, and threat hunting. Collaborate with engineering teams to develop security solutions and refine detection rules. Analyze alerts and anomalies from monitoring solutions. Work closely with R&D teams to foster a security-first mindset. Contribute to protecting clients and their customers in an ever-evolving threat landscape.

Requirements

• 3+ years of experience in security operations, incident response, or threat analysis
• Ability to communicate investigative findings and strategies to technical staff, leadership, and legal
• Strong understanding of cloud architectures and security best practices in AWS, Azure, or GCloud
• Experience using security tools for log analysis, incident response, and vulnerability assessment
• Familiarity with digital forensics tools to analyze and respond to security incidents effectively
• Coding/scripting experience in one or more general purpose languages. (e.g., Python, Ruby,  Go, etc)
• Experience with SIEM platforms such as Splunk, IBM QRadar, MS Sentinel etc

Responsibilities

• Participate in  incident response efforts, including the forensic investigation of security incidents
• Influence and align with the team’s strategy working on specific multi-year roadmaps and projects
• Analyze alerts and anomalies from monitoring solutions in our environment
• Collaborate with engineering teams to develop Incident Response and Investigative solutions
• Create and refine detection rules for malicious activity in our corporate environments
• Utilize EDR solutions to respond to suspicious activities and maintain system baselines
• Participate in threat hunting efforts
• Work closely with Toast R&D teams to foster a security-first mindset

Preferred Qualifications

• Degree in Information Security, Information Technology, or a related field
• Experience with Malware Analysis and Reverse Engineering
• Knowledge of regulatory requirements in FinTech or similar high-security industries
• Relevant certifications (e.g., GCIH, CySA+, CISSP, AWS CSA) are preferred
• Experience with AI applications in cybersecurity, particularly for threat detection and response
• Knowledge with securing mobile platforms (Android / iOS)

Benefits

• Competitive salary and performance-based bonuses
• Flexible working hours and remote work options
• Comprehensive health insurance and wellness programs
• Professional development opportunities and continuous learning