SOC L2/L3 Engineer

Solidgate
Remote

About The Position

Solidgate processes millions of payments across 120+ services, including its own acquiring module, and operates in a regulated environment with real cardholder data and SWIFT connectivity. This role is critical for defining what detection looks like at Solidgate: what gets monitored, what gets detected, and how the team responds when something goes wrong. The Security Operations function is greenfield, offering the opportunity to build the detection stack from scratch and own every decision.

Requirements

  • 3+ years in SOC / Detection & Response at L2/L3 level, with hands-on investigation experience
  • Practical experience building or operating a SIEM, including writing and tuning detection rules
  • Detection engineering with MITRE ATT&CK mapping; confident with KQL, SPL, or equivalent query languages
  • Experience investigating cloud log sources: AWS CloudTrail, GuardDuty, Google Workspace, EDR/XDR
  • Scripting and automation skills (Python or similar) for telemetry processing and routine tasks
  • Solid understanding of attacker techniques and how they manifest in logs - not just tool knowledge, but threat understanding
  • Disciplined investigation process, clear documentation, clean post-mortems

Nice To Haves

  • SOAR experience and a detection-as-code approach (version control for rules, CI pipelines for detection)
  • UEBA, threat intelligence enrichment, or alert contextualization at scale
  • Familiarity with payment-specific environments - CDE monitoring, SWIFT, PCI DSS context
  • Purple teaming experience working alongside an offensive security team

Responsibilities

  • Build and operationalize the SIEM from PoC to production - including case management and UEBA, with full ownership of the technology selection
  • Design, write, and tune detection rules mapped to MITRE ATT&CK, covering identity compromise, privilege escalation, lateral movement, and endpoint threats
  • Triage and investigate L2/L3 alerts, reduce false positives, and establish clear escalation paths for each use case
  • Lead incident response and basic forensics - containment, eradication, and structured lessons learned
  • Onboard log sources across AWS, JumpCloud, Google Workspace, CDE, and SWIFT
  • Run threat hunts based on realistic attack hypotheses specific to a payment platform's risk profile
  • Build and maintain runbooks and playbooks; automate repetitive actions via SOAR or scripting
  • Define SOC metrics and own monthly reporting to management on detection coverage and response performance

Benefits

  • 30+ days off
  • Unlimited sick leave
  • Free office meals
  • Health coverage
  • Apple gear
  • Courses, conferences, sports and wellness benefits