SOC Security Engineer

CipherTechs, Inc Salt Lake, UT
  • Expired: 11 days ago. Applications are no longer accepted.

Description of the Position:

SOC Security Engineer

Our Incident Response, Security Engineering, and Defense Analytics teams work together to provide world-class detection and response services critical to business operations, legal compliance, and public relations. Our Security Engineering branch configures, deploys, and manages a wide range of security hardware appliances and software solutions including firewalls, routers, switches, VPN, servers, IoT/SCADA, multipurpose devices and more, in the cloud and on-premises alike. Security solutions require specialized knowledge, insight, and care beyond traditional system administration.



  • Internships are expected to last a duration of 6 months and may lead to an offer for a Junior position.
  • Become familiarized with the work environment and gain necessary exposure and skills to operate at 80% of a full-time employee.
  • Use any available downtime to test documented procedures and/or study for one of the following certifications: CompTIA Sec+, CompTIA A+, CompTIA N+, EC-Council CEH, Linux Essentials PDC, Cisco CCT, Microsoft MTA, Apple ACA, GIAC GISF or a similar professional security certification.
  • Spend anywhere from 16-40 hours a week alongside full-time employees as higher education schedule allows.


  • Regularly scope and deploy various security technologies.
  • Troubleshoot, support, and maintain client security applications including SIEM, SOAR, Network IDS/IPS, Host IDS/IPS, Network Firewall, Host Firewall, Web Application Firewall, EDR, AV, DLP, Identity & Access Management, Web Proxy, Email Security.
  • Identify and address the needs of internal and external customers through market research, competitive analysis, and customer engagement.
  • Identify areas of security controls improvement within client environments that align with industry and vendor best practices.
  • Consistently provide professional-quality customer service.
  • Regularly track work in a ticketing/tracking system with a thoroughness acceptable for knowledge base use and customer consumption.
  • Maintain a high level of technical expertise with products in use and the ability to quickly become familiar with related technologies.
  • Stay informed of breaking news and industry best practices from multiple reliable sources and share findings.
  • Attend and contribute to regular team meetings.


  • Utilize CipherTechs lab to test product changes and share findings regarding malware and threat research.
  • Perform system upgrades, patches, and hotfixes, sometimes after normally defined work hours.
  • Write parsers, scripts, and develop other solutions to accomplish or improve log ingestion, multi-device management, and other related challenges.
  • Aid in onboarding and mentoring new team members.
  • Drive and implement continuous improvement, open communication, and sharing of knowledge.
  • Assist with creation, review, and upkeep of internal documentation.
  • Facilitate reasonable out-of-hours communications such as company email and occasional SOC-operations-related phone calls to resolve escalated issues.
  • Actively encourage team collaboration, cross-training, and documentation.
  • Act as a primary subject matter expert for one or more security products.
  • Act as escalation point for complicated or sensitive work.


  • Maintain CipherTechs lab to facilitate regular SOC-related product evaluations, testing, and training grounds.
  • Write advanced APIs to interconnect systems with the goal of improving services provided.
  • Ensure that team members are following best practices and documented procedures.
  • Supervise and assist with team access and credentials to customer environments.
  • Act as a primary technical point of contact with customers.
  • Ensure customer Service Level Agreements are consistently met or exceeded and identify areas of improvement.
  • Assist or lead in onboarding new customers and other projects.
  • Act as escalation point for highly complicated or sensitive work.
  • Act as a primary subject matter expert for multiple security products.


All Levels of Seniority

  • Demonstrated experience with the security industry including an understanding of best practices, risk mitigation, and compliance frameworks.
  • Able to function effectively in high stakes and high stress situations.
  • Legally capable of working in the US, Canada or EU.
  • Follow a continuous education program and maintain one or more relevant professional certifications.
  • Ability to quickly find answers to questions referencing manuals and/or Internet resources.
  • Fluent in English in both writing and speech (i.e. writing, reading, speaking, and understanding).


  • 1 year of experience performing similar duties.
  • Obtain within 1 year and maintain at least one of the following certifications (other intermediate certifications will be considered): GSEC, GCIH, CySA+, GCIA, GCFA, CCENT, GCCC


  • Experienced in security product service deployment and maintenance.
  • 2 years’ experience performing similar duties.
  • Obtain within 1 year and maintain at least one of the following certifications (other advanced certifications will be considered): GCED, GMON, GCFE, GFCA, CCNA, CCDA


  • Experienced in security product service deployment and maintenance.
  • 5 years' experience performing similar duties.
  • Obtain within 1 year and maintain at least one of the following certifications (other expert certifications will be considered): GCDA, GSLC, SSCP, OSCP, GNFA, CCNP, CCIE, GSNA.

Preferred Background:

  • One or more security-related certifications from any of the following organizations: GIAC, ISC(2), CompTIA, EC-Council, Offensive Security, PMI, Cisco, Microsoft, Apple, Amazon
  • A valid passport.
  • Bachelor of Information Technology, Computer Science, Computer Engineering, Cybersecurity, Communications, Business or other related fields of study.
  • Demonstrates a personal interest in cybersecurity outside work hours.
  • Experience with regular expressions.
  • Experience writing security product signatures, alerts, etc.
  • Experience in an MSSP environment or performing similar duties.
  • Experience with deploying, maintaining, or using one or more of the following Security Solutions: SIEM, SOAR, Network IDS/IPS, Host IDS/IPS, Network Firewall, Host Firewall, Web Application Firewall, EDR, AV, DLP, Identity & Access Management, Web Proxy, Email Security
  • Programming experience in machine, assembly, high-level, or scripting languages.
  • Experienced in reviewing event logs.


  • 401K with 4% match after six months on the job.
  • Partial telephone or Internet reimbursement.
  • Health insurance with one or more care providers to select from (including dental & vision).
  • Performance-based individual and group annual bonuses.
  • Continuing professional education at the cost of CipherTechs.
  • Ability to work from home on some duty days (for employees that report daily to a physical office).


Work may be conducted from one of our offices below; fully remote work will be considered. Less than 10% travel is expected.

90 Broad Street
5th Floor
New York, NY 10004

Hebron House
MacDonagh Junction
Kilkenny City, R95 T91Y

CipherTechs, Inc

Why Work Here?

CipherTechs is a global Cyber Security service provider founded in 2001 that remains privately held with headquarters in New York City. We are completely and exclusively focused on cyber security and provide a full-service solution portfolio. We service our customers through the following main practice areas: Offensive Security Services, Audit & Compliance, Defensive & Managed Services, Digital Forensics & Incident Response, General Consulting. As a managed services security provider (MSSP), CipherTechs maintains multiple security operations centers, staffed 24x7, with the responsibility of identifying, containing and responding to security incidents for major organizations worldwide. This managed security service is backed by security engineers who are trained and certified in dealing with incident response and digital forensic investigations. These engineers have obtained certifications from industry-wide organizations such as ISC2, SANS, and ISACA, and possess extensive product experience with the solutions that are used to secure our customers' environments.

