SOC Detection Engineer (US Remote)
We are seeking a skilled and forward-thinking Cybersecurity Engineer to join our Security Operations Center (SOC) team. In this pivotal role, you will be responsible for engineering, implementing, and supporting cutting-edge SOC tooling, including Security Information and Event Management (SIEM) platforms, Endpoint Detection and Response (EDR) systems, Security Orchestration, Automation, and Response (SOAR) solutions, and AI-driven security technologies. You will also be a key driver in building automations and integrating advanced analytics, ensuring our organization remains resilient in the face of ever-evolving cyber threats.

This position will work EST hours and will be required to work after hours as needed to support incident response as part of an on-call rotation.

For compliance reasons, all personnel must be United States Citizens and have, for 3 of the past 5 years, resided in the United States, OR worked for the United States overseas in a federal or military capacity, OR be a dependent of a federal or military employee serving overseas. In addition to our standard pre-employment background check and drug screen, you will be required to undergo additional checks to obtain an LAR certification via the proper channels in order to remain employed.

Key Responsibilities
- Design, implement, and maintain SOC Tooling: Deploy, configure, and optimize SIEM, EDR, and SOAR platforms to support robust security operations, threat detection, and incident response.
- Automation and Orchestration: Architect and develop automation workflows using SOAR platforms, leveraging scripting, APIs, and integration with other security tools to enhance operational efficiency.
- AI and Advanced Analytics: Evaluate, implement, and maintain AI-powered security solutions for threat detection, anomaly detection, and automated response, collaborating with data scientists and security analysts.
- Use of Query and Programming Languages: Develop and optimize complex detection rules, searches, and reports using query languages as well as scripting and programming languages (such as Python, PowerShell, or JavaScript).
- Threat Detection and Incident Response Support: Collaborate with SOC analysts to tune detection logic, automate repetitive tasks, and ensure rapid, precise response to security incidents.
- Incident Response: Provide hands-on support during security incidents, including investigation, containment, eradication, and recovery activities. Work with SOC analysts and other stakeholders to analyze incidents, develop response strategies, and implement corrective actions.
- Security Monitoring: Continuously monitor enterprise systems, networks, and endpoints for suspicious activity, indicators of compromise, and vulnerabilities. Ensure security alerts are effectively triaged, investigated, and escalated as needed.
- Integration and Engineering: Design and implement integrations between SIEM, EDR, SOAR, and other security or IT systems, ensuring seamless data flow and coordinated defense mechanisms.
- Enterprise System Integration: Build and maintain connections between SOC tools and enterprise systems (such as ERP, HRIS, CRM, and other business applications) to enable comprehensive security monitoring and ensure visibility across the organization.
- Continuous Improvement: Proactively monitor tool performance, analyze metrics, and drive improvements in detection, automation, and response capabilities.
- Documentation and Knowledge Sharing: Create and maintain clear documentation for detection rules, automation workflows, and SOC tooling architecture. Share best practices with peers and mentor junior team members.
- Collaboration: Work closely with IT, engineering, and application teams to ensure that security controls are integrated into business processes and technical solutions.
- Compliance and Regulatory Support: Assist in ensuring SOC tooling and processes meet compliance requirements, such as PCI-DSS, HIPAA, GDPR, or industry best practices.
- Participate in an on-call rotation as needed, typically once a month, to provide timely support for critical incidents and maintain the security posture of the organization.
- Bachelor’s degree in Computer Science, Information Security, or a related technical discipline, or equivalent work experience.
- Minimum of 5 years’ experience in cybersecurity engineering, SOC operations, or similar roles.
- Hands-on experience with SIEM platforms, EDR tools, and SOAR solutions.
- Proficiency building and maintaining automation and orchestration workflows using scripting languages (Python, PowerShell, Bash, etc.).
- Strong skills in query languages for threat hunting and detection rule creation.
- Experience integrating and supporting AI/ML security tools and applying analytics for threat detection.
- Solid understanding of security operations, threat landscapes, and incident response methodologies.
- Experience integrating security tools with APIs and developing custom connectors or enrichment scripts.
- Experience integrating SOC tooling with enterprise systems for security monitoring and data correlation.
- Excellent analytical, problem-solving, and troubleshooting abilities.
- Strong verbal and written communication skills, with the ability to explain technical concepts to both technical and non-technical audiences.
- Willingness to participate in an on-call rotation, typically once a month.
- Innovative Mindset: Enthusiasm for exploring and integrating new technologies to advance SOC capabilities.
- Team Player: Collaborative spirit with a willingness to mentor, share knowledge, and support fellow engineers and analysts.
- Adaptability: Comfort in a fast-paced, evolving environment with shifting priorities and new challenges.
- Attention to Detail: Diligence in designing precise detection logic, automations, and documentation to ensure accuracy and reliability.
- Ethical Approach: Unwavering commitment to upholding security, privacy, and compliance standards.
- Relevant cybersecurity certifications.
- Experience working with cloud security tools and environments and their native security features.
- Knowledge of threat intelligence platforms, vulnerability management systems, and network security solutions.
- Background in DevSecOps, CI/CD pipeline security, or security testing automation.
- Familiarity with compliance frameworks and regulatory requirements.
- Experience collaborating with cross-functional teams in large or complex enterprise environments.
First Advantage is going through a technology transformation! We are looking for experts who are excited to work with advanced technologies and provide best-in-class user experiences, drive the development and deployment of scalable solutions, and smoothly guide our agile teams and clients through meaningful changes as we continue to expand our impact.

What Are You Waiting For? Apply Today!
You have learned a little about us today – we want to learn about you! If you think this position and our company are a great fit for your areas of interest and expertise, tell us about you by applying now!

The salary range for this position is approximately $110,000-140,000 base annually. This range reflects our good faith estimate to pay fairly as to what our ideal candidates are likely to expect, and we tailor our offers within the range based on the selected candidate’s experience, industry knowledge, technical and communication skills, and other factors that may prove relevant during the interview process.
United States Equal Opportunity Employment:
First Advantage is proud to be a global leader in removing barriers and supporting our community members to ensure the changing demographics of the workforce are reflected in our hiring and employment practices. We value all of our candidates, employees, and clients, and place great emphasis on hiring and supporting qualified individuals in each role. We are an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, genetic information, or any other area protected by applicable law.