SecOps Engineer

RethinkFirst
Chicago, IL
54d
Remote

About The Position

Rethink First is a leading behavioral health technology company working to make mental wellness, education, and support accessible and scalable. Through our suite of cloud-based platforms—including RethinkEd, RethinkCare, and RethinkBH—we serve educators, employers, and providers with tools that deliver measurable, inclusive outcomes. We're on a mission to make behavioral health more effective, equitable, and human—and we’re looking for a creative visionary to help lead that charge.

The Security Operations Engineer supports the ongoing protection of company assets by assisting in monitoring, incident response, and automation tasks. This entry- to mid-level role is ideal for someone who has foundational security knowledge and a desire to grow into a senior engineering position. You will collaborate with the Senior SecOps Engineer, offshore teams, and other functional teams to ensure that alerts are reviewed efficiently, vulnerabilities are directed to appropriate teams and tracked to closure, and automated playbooks are continuously improved.

Requirements

  • 1–3 years of experience in IT, security operations, or system administration.
  • Foundational knowledge of cloud environments (Azure, AWS).
  • Familiarity with SIEM tools (Sentinel, DataDog) and EDR platforms.
  • Basic scripting or automation experience (Python, PowerShell preferred).
  • Understanding of common attack vectors and security frameworks (MITRE ATT&CK, NIST CSF).
  • Strong documentation and organizational skills.

Nice To Haves

  • Experience collaborating with or within a Managed Security Service Provider (MSSP).
  • Exposure to vulnerability management tools.
  • Certifications such as CompTIA Security+, Microsoft SC-200, or GSEC.
  • Interest in pursuing advanced certifications (e.g., GCIH, AZ-500, or CISSP).

Responsibilities

  • Review alerts escalated from the third-party SOC and conduct initial triage and documentation.
  • Execute defined response actions under guidance from senior team members.
  • Maintain and update security playbooks, runbooks, and knowledge base articles.
  • Assist with endpoint, identity, and cloud security monitoring.
  • Run recurring vulnerability scans (Tenable, Defender, etc.) and verify remediation status.
  • Document remediation progress and communicate updates to system owners.
  • Track SLA compliance and generate periodic metrics for leadership reporting.
  • Support automation development by testing and maintaining security scripts or workflows.
  • Assist with tool integrations and API connections between systems (EDR, SIEM, Jira, MDM, etc.).
  • Help gather and validate data used in automation pipelines and dashboards.
  • Participate in incident investigations by collecting evidence, correlating logs, and maintaining timelines.
  • Assist in containment, root cause analysis, and post-incident documentation.
  • Support after-action reviews and lessons-learned sessions.
  • Work closely with offshore SecOps engineers to standardize procedures and share knowledge.
  • Collaborate with compliance staff to provide data for audit evidence or control validation.
  • Participate in security training and development to strengthen technical and analytical skills.

Benefits

  • Generous health, dental, & vision benefits package
  • Flexible paid time off
  • 11 paid company holidays
  • 401k + matching
  • Parental leave
  • Access to our award-winning RethinkCare platform supporting neurodiversity in the workplace through parental success, professional resilience, and personal wellbeing.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Entry Level
  • Education Level: No Education Listed
  • Number of Employees: 51-100 employees
