SecOps Engineer

Open ApproachBurlington, VT
3d
Match Resume

About The Position

SECOPS ENGINEER Location: Burlington, VT WHO WE ARE Open Approach is a values-driven, client-focused IT services company based in Burlington, Vermont. We deliver exceptional managed technology and phenomenal client support to organizations across New England and beyond. Our focus is on long-term partnerships built on trust, transparency, and shared success, not sales quotas. We earn our client's business every month by staying relentlessly focused on their success. From the very first interaction to ongoing evolution, we aim to provide seamless experiences grounded in understanding, integrity, and practical solutions. We believe in making thoughtful, informed decisions and creating a lasting impact instead of quick fixes. This translates into long-term relationships with our clients that are rewarding on many levels. At our core, we value equity, humility, excellence, accountability, innovation, and openness. These guide everything we do, from how we collaborate internally to how we support clients through complex technical challenges. We are continually refining our team, enhancing our capabilities, and investing in talent to drive forward meaningful change. We embrace candid feedback, own our outcomes, and strive to improve every day. If that sounds like the kind of company you want to grow with, we would love to hear from you. THE ROLE This isn't a traditional SOC role where you sit and watch dashboards all day. Yes, you'll be involved in incident response, but your real focus is on building, improving, and evolving the security systems and processes behind everything we do at Open Approach and for our clients. You'll serve as the primary escalation point for our Security Operations Analyst. When things get complex, they will come to you. You will own the deeper investigations, lead advanced response efforts, and ensure we deliver consistent, high-quality outcomes every time. Outside of incidents, you'll spend your time designing, implementing, and optimizing our security stack: SIEM, EDR, vulnerability management, and the rest. You'll tune out the noise, sharpen detection, and make our tools work the way they should. A big part of this role is research and automation. We want someone who looks at a manual process and immediately thinks, "How do I make this faster, better, or unnecessary?" You'll identify gaps, evaluate new tools, and build the automation that makes the whole Security Operations team more effective. You'll also support compliance work, including the technical implementation and validation of controls across frameworks such as CMMC, HIPAA, and CJIS. Not the paperwork side. The hands-on, make-it-actually-work side. You should be someone who enjoys building better systems, not just reacting to alerts. Specifically: Highly technical and genuinely passionate about cybersecurity Curious, always poking at systems and looking for ways to improve them Comfortable digging into complex problems and owning them from start to finish A strong collaborator who works well alongside others Motivated to automate and optimize, not just maintain Able to communicate clearly with both technical and non-technical audiences A note on experience: We need someone with a solid technical foundation, but if you're the right person and you're missing a few of the skills listed below, that's okay. We're happy to train, guide, and invest in you. What we can't teach is the mindset.

Requirements

  • A working understanding of firewalls, IDS/IPS, endpoint protection, and other core security technologies.
  • The ability to look at security events and incidents and connect the dots by identifying threats, patterns, and vulnerabilities.
  • Security work lives and dies in the details. Incidents need to be thoroughly investigated and properly resolved. You uphold our operational and security standards and have a sharp eye for where they're not being met.
  • This field moves fast. You need to genuinely enjoy keeping up with new technologies, trends, and best practices.
  • The ability to prioritize effectively, especially when multiple incidents or projects compete for your attention.
  • Maintaining standards, managing change, and building repeatable processes are foundational to how we operate.
  • Understanding of AD architecture (users, groups, computer objects) with a security focus.
  • Experience with Group Policy design and management.
  • Familiarity with hybrid identity environments and synchronization between on-prem AD and Azure/Entra ID.
  • Ability to spot and fix common identity and access risks.
  • Solid grasp of core networking (DHCP, DNS, routing, switching) and how it all ties into security.
  • Familiarity with remote access technologies (SSL VPN, IPSec VPN).
  • Understanding of segmentation, least privilege, and traffic flow analysis.
  • Ability to troubleshoot network related security issues across layered environments.
  • Strong understanding of M365 and Intune security capabilities such as device management, policy enforcement, Conditional Access, authentication methods, identity protection.
  • Familiarity with email security, mail flow, and integration with security platforms.
  • Ability to assess and improve security posture across Microsoft cloud environments.
  • Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, and vulnerability management tools.
  • Ability to analyze alerts, investigate incidents, and track threats across platforms.
  • Understanding of alert tuning, noise reduction, and detection and response fundamentals.
  • Familiarity with vulnerability assessments and risk analysis.
  • Basic understanding of cryptographic concepts and their practical applications.
  • Experience with IR processes: triage, containment, investigation, and recovery.
  • Ability to analyze complex incidents, determine root cause, and drive remediation.
  • Understanding of the IR lifecycle and how to reduce impact while improving future response.
  • We require at least 3 years of cybersecurity experience, preferably with an MSP or past MSP experience outside of cybersecurity. Life in an MSP demands deep, wide technical knowledge, and it can be overwhelming without the right foundation. We want this to be the right fit for you, not a sink-or-swim situation.

Nice To Haves

  • Familiarity with platforms like Hyper-V or VMware. Understanding of how virtualized environments affect security isolation, snapshotting, and investigation workflows. Comfortable using virtualization tools for testing and validating security configurations.
  • Understanding of firewall technologies, rule creation, and policy management. Ability to implement rules aligned with best practices and troubleshoot traffic to catch misconfigurations or threats.
  • Understanding of public vs. private DNS architecture. Knowledge of common record types (A, CNAME, MX, SPF, DKIM, TXT) and their role in email security. Comfortable troubleshooting DNS issues using command-line and diagnostic tools.
  • Working knowledge of NIST, CIS, and ISO frameworks. Familiarity with compliance driven environments and how technical controls map to regulatory requirements. Ability to support implementation and validation of controls for CMMC, HIPAA, or CJIS.
  • Certifications aren't required, but they're strongly encouraged and show commitment to growth. Relevant certifications include Security+, Microsoft Security (SC-series), or similar foundational cybersecurity and cloud certifications. More advanced certs like CISSP or CCSP are a plus for experienced candidates.

Responsibilities

  • Act as the escalation point for complex security incidents and investigations
  • Design, implement, and optimize security tools and platforms (SIEM, EDR, vulnerability management, etc.)
  • Lead advanced incident response investigation, containment, remediation
  • Develop automation and improve processes to reduce manual effort and increase efficiency
  • Research and evaluate new security tools and technologies
  • Tune alerts, cut false positives, and sharpen detection capabilities
  • Support compliance initiatives through technical control implementation and validation
  • Collaborate with internal teams to ensure security solutions are properly deployed and maintained
  • Create and maintain documentation, standards, and repeatable processes
  • Contribute to the ongoing maturity of the Security Operations program

Benefits

  • Health, dental, and vision coverage with generous employer contributions
  • Company-sponsored Life, STD/LTD Disability, and Workers’ Compensation
  • 401(k) with 4% match starting day one
  • Generous PTO (starting at 16 days, plus paid holidays. 20 days on your 1 year anniversary)
  • Fully paid parental leave
  • Smartphone stipend for on-call rotation
  • Weekly company lunches, coffee, snacks, and a pet-friendly office

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

1-10 employees

Job Search Resources

Similar SecOps Engineer job opportunities

SecOps Engineer
Open Approach
Open Approach • Burlington, VT4d • $85,000 - $105,000
SecOps Security Engineer
Police & Fire Federal Credit Union
Police & Fire Federal Credit Union • Bensalem Township, PA4d • Onsite
Sr. SecOps Security Engineer
Police & Fire Federal Credit Union
Police & Fire Federal Credit Union • Bensalem Township, PA4d • Onsite
ASG Presales Solutions Engineer  - SecOps/SIEM
SHI International Corp.
SHI International Corp.10d • $120,000 - $230,000 • Remote
Cortex SecOps Domain Consultant 2
Palo Alto Networks
Palo Alto Networks • Cincinnati, OH13d • Remote
Engineer Assc - Engineer
American Electric Power
American Electric Power • Roanoke, VA6d • $74,551 - $128,688 • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service