SOC Engineer Level 1 - Threat Intelligence
About The Position
Rightworks is seeking a motivated Security Operations Engineer to support detection, threat hunting, and security operations across our hybrid cloud environment. This role will focus on developing and improving detection capabilities, performing structured threat hunting, and supporting incident response activities under the guidance of senior team members. The ideal candidate will have foundational experience in cloud security and security operations, with a strong ability to analyze data, identify suspicious activity, and contribute to improving the organization’s overall security posture. This role requires a detail-oriented individual who can follow structured processes, document findings clearly, and continuously develop technical skills in areas such as detection engineering, threat intelligence, and cloud security while working both independently and as part of a team. This is a hybrid work position, with 3 days per week in our Nashua, NH headquarters.
Requirements
- 2+ years of hands-on experience implementing technical policies and controls in a hybrid cloud environment, including but not limited to Azure.
- 2+ years of experience correlating external and internal threat intelligence and enriching IoCs.
- 1+ year of experience in proactive threat hunting using advanced query languages (e.g., KQL, CQL, SPL, etc.) and automation techniques.
- 1+ year of experience performing external attack surface management (EASM) across hybrid environments.
- Demonstrated ability to conduct a hypothesis-driven threat hunt and strong knowledge of the MITRE ATT&CK framework and common threat actor TTPs.
- Cybersecurity certifications required (e.g., Microsoft AZ-500, CEH, CySA+ or equivalent).
- Strong OSINT and threat research capabilities, with experience leveraging automation and scripting for enrichment.
- Excellent analytical, documentation, and communication skills; ability to present findings to technical and non-technical audiences.
- This role is open to US Citizens or permanent residents authorized to work in the United States. Rightworks LLC is unable to offer visa sponsorship.
- Due to specific state regulations, we are unable to accept applications from residents of California, Hawaii, or Alaska.
- Relocation will not be offered for this position.
Responsibilities
- Develop and tune detection rules (WAF, EDR, SIEM alerts, etc.) based on known threat actor tactics, techniques, and procedures (TTPs)
- Perform structured threat hunting across endpoints, identity, and cloud workloads
- Conduct threat intelligence research and IOC enrichment
- Support External Attack Surface Management (EASM)
- Assist in the triage and incident response process and in correlating activity across multiple security tools (Defender, Sentinel, etc.) when required
- Contribute to detection improvement through tuning, validation, and feedback
- Document investigations, queries, and findings clearly and consistently
- Assist with security tool optimization, dashboards, and reporting
- Assist with monitoring of artificial intelligence (AI) products to ensure alignment with safety and security policies.
Benefits
- Company-paid short and long-term disability insurance
- Life insurance
- Generous 401K match
- Highly affordable medical coverage
- Dental coverage
- Vision coverage
- Flexible PTO
- Numerous paid holidays
- Paid volunteer time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
No Education Listed
