SOC Engineer II

Summary

Join Toast as a Senior Security Operations Engineer and lead defensive efforts against sophisticated threats. Develop and drive security operations strategy, translating multi-year roadmaps into actionable projects. Serve as an escalation point for junior analysts, continuously improving and automating security monitoring and response processes. Act as a security subject matter expert, collaborating with engineering teams to implement robust incident response capabilities. Architect and engineer advanced detection logic, master EDR solutions for threat hunting, and lead proactive threat hunting missions. Mentor and develop junior security engineers, fostering a culture of technical excellence.

Requirements

• 5-7+ years of progressive experience in security operations, incident response, or threat analysis, with a demonstrated history of handling complex incidents
• Expert ability to articulate complex technical findings and strategic recommendations to a diverse audience, including executive leadership, technical staff, and legal counsel
• Deep, hands-on knowledge of cloud architectures and security best practices in AWS, Azure, or GCP
• Extensive experience architecting, implementing, and utilizing a wide array of security tools for log analysis, incident response, and vulnerability assessment
• Familiarity with digital forensics tools to analyze and respond to security incidents effectively
• Coding/scripting proficiency in one or more general purpose languages (e.g., Python, Go, Ruby) for automation and tool development
• Expert-level experience with SIEM platforms such as Splunk, IBM QRadar, or Microsoft Sentinel, including the development of advanced correlation searches and dashboards
• Solid understanding of vulnerability management principles and practices

Responsibilities

• Lead and manage major security incidents from detection to resolution, serving as the primary technical point of contact for complex investigations
• Develop and drive the security operations strategy, translating multi-year roadmaps into actionable projects and technical solutions
• Serve as an escalation point for junior analysts , analyzing the most sophisticated alerts and anomalies. Continuously improve and automate security monitoring and response processes
• Act as a security subject matter expert (SME) , leading collaborative efforts with engineering teams to architect and implement robust Incident Response and investigative capabilities
• Architect and engineer advanced detection logic and correlation rules across SIEM, EDR, and other security platforms to counter emerging threats
• Master and optimize the use of EDR solutions for advanced threat hunting, forensic data collection, and rapid response actions
• Design and lead proactive threat hunting missions , developing hypotheses based on threat intelligence and deep environmental knowledge
• Mentor and develop junior security engineers , fostering a culture of technical excellence and continuous learning within the team

Preferred Qualifications

• Degree in Information Security, Information Technology, or a related field
• Proficiency with Malware Analysis and Reverse Engineering techniques
• Knowledge of regulatory requirements in FinTech or similar high-security industries (e.g., PCI-DSS, SOX)
• Relevant advanced certifications are highly preferred (e.g., GCIH, GCFA, CISSP, OSCP)
• Experience evaluating and implementing AI/ML applications in cybersecurity, particularly for threat detection and response
• Knowledge of securing mobile platforms (Android / iOS)

Benefits

• Competitive salary and performance-based bonuses
• Flexible working hours and remote work options
• Comprehensive health insurance and wellness programs
• Professional development opportunities and continuous learning