Stratitech Services LLC

Mid Level Security Operations (SOC) Engineer

Phoenix, AZ, US

6 days ago

Summary

Mid Level Information Security Operations Engineer


Location: Phoenix, AZ or Oakland, CA (Relocating to Walnut Creek, CA) or Honolulu, HI

Industry: Maritime & Logistics

Job Type: Full-time, Hybrid (2 Days On-Site Weekly)

Work Status: No C2C or C2H



About the Company

StratITech is hiring on behalf of a leading logistics and transportation company that plays a vital role in moving goods across the globe. The company is focused on innovation, efficiency, and securing its operations—making cybersecurity a key priority.



About the Role

We’re looking for a Mid-Level Security Operations Engineer to join the security team. This hybrid role is a great fit for someone who enjoys both remote flexibility and in-person collaboration (2 days per week onsite). You’ll help monitor, investigate, and respond to cybersecurity threats, while contributing to the overall security strength of cloud and on-prem systems.

Security Operations is a critical function within the Information Security team. The individual should be proactive, analytical, and ready to respond to a wide range of cyber threats—including those targeting the maritime industry—with precision and minimal downtime.



What You'll Do

  • Monitor and analyze security events and logs to identify potential threats.
  • Respond to security incidents (e.g., phishing, malware, unusual activity), investigate root causes, and assist with remediation.
  • Support day-to-day operations: log monitoring, data loss prevention, compliance monitoring, and security alerts across endpoints, servers, and cloud systems.
  • Use SIEM platforms to detect, correlate, and respond to security issues.
  • Manage and tune firewalls, IDS/IPS, endpoint protection, and cloud security tools.
  • Help maintain and manage logging environments, including license managers, indexers, and search heads.
  • Collaborate with IT and cloud infrastructure teams to improve security controls.
  • Participate in regular security incident response testing and exercises.
  • Investigate and respond to incidents, conduct root cause analysis, identify vulnerabilities, and implement remediation.
  • Respond to phishing attacks by tracking down and recalling malicious emails and alerting affected users.
  • Support periodic compliance testing, metrics reporting, and documentation of procedures.
  • Research emerging security threats and trends to recommend countermeasures.
  • Collaborate with external security vendors and internal stakeholders on threat response and prevention.



What You Bring

  • Security Operations Experience: Hands-on SOC experience (Tier 1–2), with skills in analyzing logs, managing alerts, and triaging incidents.
  • Incident Response Skills: Comfortable with the full lifecycle of incident detection, containment, investigation, and reporting.
  • Technical Foundations: Solid knowledge of networks, system architecture, and protocols (DNS, BGP, TCP/IP, SMTP, SSL, etc.).
  • Tool Familiarity: Experience with Splunk, Microsoft Defender, PowerShell, Proofpoint, Office 365, and other security platforms.
  • Cloud Security: Familiarity with AWS, Azure, and cloud-native tools (e.g., GuardDuty, Data Explorer, Log Analytics).
  • System Knowledge: Understanding of Unix/Linux, Windows, macOS, shell scripting, SQL, and application security.
  • Soft Skills: Strong communication skills—able to explain complex issues to non-technical stakeholders, and work across teams effectively.
  • Process Mindset: Understanding of memory management, triage/investigation practices, and the incident response lifecycle.
  • Adaptability: Ability to multi-task in a fast-paced environment, handle customer-reported issues, and work independently or in teams.



Nice to Have

  • Security certifications such as CEH, CISSP, or GIAC (GCIH, GCIA, GCFA).
  • Understanding of web vulnerabilities like XSS, CSRF, SQL Injection.
  • Experience with vulnerability management tools and remediation strategies.
  • Experience supporting SOAR development and threat intelligence integrations.



Compensation & Perks

  • Competitive salary (commensurate with experience)
  • Full benefits package
  • Career advancement opportunities
  • Hybrid work model – 2 days per week onsite