Apply Now

Please mention DailyRemote when applying

AI Summary

The Security Operations Engineer provides technical and operational support for MDR customers, focusing on incident investigation, remediation validation, and platform administration. The role serves as the technical backbone for the MDR team, ensuring timely security guidance and operational support.

Job Title: Security Operations Engineer
Location: Remote, USA (DFW based candidates preferred)
Reports to: Managing Director 
Employment Type: Full time 
Job Req ID: 2026  
Req Begin Date: 7/1/2026 

 
About Vector3 
Vector3, Inc., is an incident response firm supporting TMHCC Cyber and Professional Lines Group (CPLG). Vector3 specializes in responding to Business Email Compromise (BEC) and Ransomware incidents, helping insured organizations investigate, contain, and recover from cyber events. 

About TMHCC 
Tokio Marine HCC (TMHCC) brings 50 years of service to the specialty insurance industry, today offering over 100 products to commercial customers in 180 countries around the world. Every policy we write is special, enabling our clients to do amazing things. From insuring the crops that feed us to the rock concerts that entertain us, to rescuing international travelers in trouble. 
Organic growth and over 60 successful acquisitions have grown our 2023 Gross Written Premium (GWP) to over $7.5 Billion. Our workforce has grown to 4,300 worldwide … big, but not so big that you cannot make a difference. Our Good Company values, including integrity, empowerment, and commitment to customer service, and a culture of innovation, communication, and collaboration make TMHCC a great place to work. 

What We Offer 

  • Competitive salary and employee benefit package 

  • Strong learning culture 

  • Growth perspectives 

  • 6% 401K match 

  • 20 days of PTO and 2 Floating Days 

  • Paid parental leave 

  • An opportunity to love what you do 

DFW based candidates preferred, Spanish bi-lingual encouraged to apply

Job Summary

The Security Operations Engineer provides technical and operational support for Vector3's MDR customers. This role assists with incident follow-up, technical troubleshooting, remediation validation, compliance reviews, platform administration, and operational security initiatives.

The Security Operations Engineer serves as the technical backbone of the MDR team, allowing TAMs to focus on customer engagement, Cyber Hygiene strategy, and business growth while ensuring customers receive timely technical support and operational security guidance.

Key Responsibilities

Relying on advanced knowledge and strong leadership skills, this role is accountable for the following responsibilities:

Incident Investigation & Response Support

  • Review and investigate MDR alerts requiring customer follow-up.
  • Support incident validation, scoping, and remediation activities.
  • Conduct log analysis and security investigations.
  • Assist customers with containment and recovery validation.
  • Document investigative findings and recommendations.

Technical Operations & Platform Support

  • Support deployment and administration of Sophos MDR technologies.
  • Assist with endpoint onboarding, integrations, and configuration activities.
  • Troubleshoot technical issues involving MDR platforms.
  • Validate policy configurations and security controls.
  • Maintain technical documentation and operational runbooks.

Compliance & Security Advisory Support

  • Support Cyber Hygiene assessments and compliance reviews.
  • Assist with security maturity evaluations.
  • Review customer environments for security improvement opportunities.
  • Provide technical recommendations aligned to security best practices.

Collaboration & Cross-Functional Alignment

  • Work closely with TAMs on customer engagements.
  • Coordinate with Sophos MDR teams during investigations.
  • Support DFIR personnel during escalated incidents.
  • Participate in service improvement initiatives.

Competencies

Planning

  • Prioritize security investigations, technical support requests, and operational activities to meet customer service expectations.
  • Coordinate investigative activities and remediation efforts across multiple customer environments.

Communication

  • Clearly communicate technical findings, investigation results, and remediation recommendations to customers and internal stakeholders.
  • Prepare technical reports, investigation summaries, and operational documentation.
  • Translate complex cybersecurity concepts into actionable guidance for technical and non-technical audiences.

Technical Analysis

  • Analyze security events, endpoint telemetry, cloud audit logs, network traffic, and security platform data to identify threats and support customer investigations.
  • Apply analytical thinking to validate alerts, identify root causes, and recommend appropriate remediation actions.
  • Maintain awareness of emerging threats, attack techniques, and evolving cybersecurity best practices.

Business Controls and Policies

  • Comply with all corporate security policies, customer confidentiality requirements, and applicable regulatory obligations.
  • Follow established investigation procedures, documentation standards, and operational workflows.
  • Contribute to the development and continuous improvement of operational processes and technical playbooks.

Collaboration

  • Partner with Technical Account Managers to deliver exceptional customer service and security outcomes.
  • Coordinate with Sophos MDR personnel, internal engineering teams, and DFIR consultants during customer investigations and escalations.
  • Support knowledge sharing and continuous improvement across the Managed Services organization.

Education

Minimum 4 Year Bachelors Degree in Cyber security, Computer Science, information Technology related degree.

Certifications, Licenses, and Designations

Preferred Security+, CySA+, SC-200, Sophos Engineer, or similar certifications a plus.

Experience

3+ years in security operations, cybersecurity engineering, SOC operations, incident response, or IT security.

Other

  • Knowledge of Microsoft 365, Google Workspace, endpoint security, network security technologies, log analysis, and security investigation methodologies.
  • Strong troubleshooting and analytical skills.
  • Experience supporting MSSP, MDR, or SOC environments.
  • Familiarity with NIST CSF, CIS Controls, and common compliance frameworks.
  • Experience supporting Microsoft Defender, Sophos, CrowdStrike, SentinelOne, or similar platforms.
  • Professional proficiency in Spanish (written and verbal) with the ability to communicate technical and security concepts to Spanish-speaking customers.
  • Strong analytical and investigative mindset.
  • Excellent technical troubleshooting skills.
  • Ability to effectively communicate technical and security concepts to both technical and non-technical audiences in English; Spanish language proficiency is a plus.
  • Detail-oriented and process-driven.
  • Collaborative team player.

 

Pay Transparency 

The pay range for this position is $104,340-$157,860 which includes geographic adjustments, where applicable. The pay range is the range THMCC, in good faith, believes is the range of compensation for this role at the time of this posting. The hired applicant will be offered pay within the entire range based on the candidate’s geographic location, qualifications, work experience, education, and/or skill level. The Company is fully committed to ensuring equal pay opportunities for equal work regardless of color, race, sex, national origin, sexual orientation, religion, age, veteran status, disability, pregnancy, citizenship status, genetic information, or any other basis protected by federal, state, or local pay equity laws. 

California → Use CA Fair Chance language. 

The Company will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable federal, state and local laws, such as the Violent Crime Control and Law Enforcement Act of 1994 (18 USC § 1033(e))(the “VCCLEA”), which restricts financial institutions and insurers such as TMHCC from employing individuals with certain types of criminal convictions. Where the hiring and employment of individuals is not restricted by the foregoing, the Company will consider qualified applicants with arrest or conviction history in compliance with applicable law such as the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance, the San Diego Fair Chance Ordinance, and the San Francisco Fair Chance Ordinance.]  

As an insurance company, we comply with certain federal, state and local laws such as the Violent Crime Control and Law Enforcement Act of 1994 (18 USC § 1033(e)), which restricts our ability to employ individuals with certain types of criminal convictions. Where not restricted by law and for criminal history not covered by this law, the Company will consider qualified applicants with arrest or conviction history in compliance with applicable law. 

You do not need to disclose your criminal history or participate in a background check until a conditional job offer is made to you. After making a conditional offer and running a background check, if the Company is concerned about a conviction that is directly related to the job, you will be given the chance to explain the circumstances surrounding the conviction or challenge the accuracy of the background report. The Company will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable federal, state and local laws, such as the Violent Crime Control and Law Enforcement Act of 1994 (18 USC § 1033(e))(the “VCCLEA”), which restricts financial institutions and insurers such as TMHCC from employing individuals with certain types of criminal convictions. Where the hiring and employment of individuals is not restricted by the foregoing, the Company will consider qualified applicants with arrest or conviction history in compliance with applicable law such as the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance, the San Diego Fair Chance Ordinance, and the San Francisco Fair Chance Ordinance.] 

Applying our Mind Over Risk philosophy to writing insurance allows our customers to take on opportunity with confidence. That philosophy defines our way of thinking, unites us as a team, and differentiates us from our competitors. We are much more than just an insurance company; we are a good company. 

Equal Opportunity Employer 

TMHCC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity, genetic information, marital status, medical condition, national origin, physical or mental disability, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. 

 #LI-Hybrid  

#CPLG1 

#LI-VA 

 

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Software Development

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified