Cloud SecOps Engineer: Vulnerability & SIEM Lead

At SOM, we are a collective committed to shaping a better future for our clients, communities and planet. We aspire to create the most sustainable, impactful work through creative, interdisciplinary teams with all the resources and diversity of a global firm. We value those who are passionate about excellence, innovation, integrity, inclusivity, and collaboration. Together we can achieve great things.

Success at SOM Means

• Ideas: Our highest aspirations go beyond known solutions and models. We are constantly innovating and attempting to bring new approaches, solutions and processes to our work.
• Knowledge: We are not expected to know everything, but rather to passionately pursue answers. It is vital that we listen intently and are proactive about learning, integrating new skills and deepening our knowledge.
• Deliverables: We strive for excellence in the concept, quality, and delivery of our work.
• Individual: We believe in the individual and the wealth of attributes, skills, and knowledge that a person can develop and contribute.
• Team: Our design ethos is founded on the principle of interdisciplinary integration. We foster a positive team culture in which everyone collaborates openly towards common goals.
• Firm: We believe in a meritocracy of ideas. We are a collective that looks to everyone to actively contribute to the design discourse in the office.

Summary

The SecOps Engineer is a new position at SOM. The individual will be pivotal in forming the basis of what will be a growing number of security and cloud-focused members within the Office of Technology. With a pure focus on cloud-based systems, the SecOps Engineer will form part of the backbone of multiple key teams within the Office of Technology.

Position Responsibilities

• Reports directly to the SecOps Team Lead on operational activities and strategic initiatives.
• Subject Matter Expert for vulnerability management and threat detection platforms, with primary focus on Rapid7 technologies.
• Configure, tune, and optimize scanning platforms, assessment reporting, and remediation workflows to ensure optimal performance and efficiency.
• Manage threat detection, incident response, and security orchestration; develop custom detection rules and automated playbooks.
• Research, test, and implement new security technologies as business needs evolve.
• Analyzes user-reported security matters and system-detected alerts across multiple security platforms.
• Assesses and mitigates vulnerabilities identified through various scanning and monitoring solutions.
• Creates and implements automation to provision, configure, and manage security services and integrations.
• Ensure seamless data flow between security tools and existing infrastructure.
• Provides technical subject matter expertise on security platforms and leads strategic implementation projects.
• Maintains current knowledge of security technology trends, vendor roadmaps, and emerging threats.

Minimum Qualifications

• 7+ years of experience as a SecOps Engineer.
• 3+ years of hands-on experience with vulnerability management and SIEM platforms (Rapid7 experience strongly preferred).
• Relevant security certifications.
• Proven experience developing and executing vulnerability management programs.
• Strong background in SIEM administration, log analysis, and threat hunting methodologies.
• Experience with security automation, orchestration platforms, and API integrations.
• Demonstrated ability to learn and adapt to new security technologies quickly.
• Familiarity with common attack vectors, exploitation techniques, and threat landscapes.
• Experience with collaborative software development within cloud frameworks - Git, Infrastructure-as-Code, Python, PowerShell, automation scripting.

SOM offers opportunities to work on transformational projects, competitive salaries, health insurance, wellness, retirement and financial and other work/life plans. At SOM, we welcome and encourage diversity in the workplace. We believe an inclusive environment benefits our employees, our firm, and our community, while also enriching and challenging our own thinking about design. We are proud to be an equal opportunity and affirmative action employer.