[Hiring] Security Operations Engineer @Abacus Insights

Role Description

We are seeking a Security Operations Engineer to own and operate the day‑to‑day security operations that enable our platform, our AI initiatives, and our teams to move quickly and safely. This role sits at the center of how security functions in a fast‑moving, cloud‑first environment — ensuring security signals are acted on, risks are addressed, and compliance obligations are met without slowing the business down.

As our organization scales and our use of AI and connected systems accelerates, security operations must be highly responsive, deeply integrated with engineering, and able to operate with clarity under ambiguity. This role exists to unlock that scale. You will be responsible for turning alerts, findings, and requests into resolved outcomes — reducing operational drag on senior engineers and ensuring security work moves predictably from intake to closure.

This is a flow‑ownership role, not a platform architecture role. Success is defined by execution: issues don’t stall, evidence exists when needed, audits are smooth, and teams trust the security process. You will act as the connective tissue between security tooling, engineering teams, compliance requirements, and documented results — bringing structure, discipline, and follow‑through to complex operational work.

Working closely with Security Engineering, Cloud Engineering, IT, and Compliance, you will play a critical role in keeping security scalable, auditable, and aligned with business priorities — allowing the broader organization to focus on innovation while you ensure the foundation remains strong.

Your day to day

• Security Operations & Triage
  • Own the end-to-end lifecycle of security operational work from intake to closure, including triage, prioritization, routing, and verification.
  • Serve as the primary owner of the security operations backlog in Jira, ensuring issues are clearly scoped, properly assigned, and progressing.
  • Triage and manage findings from security tooling (e.g., CSPM, SIEM, DLP, endpoint security), escalating when necessary and closing the loop with evidence.
  • Act as the first line of operational response for routine security requests such as firewall rules, IP allowlisting, certificate management, logging changes, and access related exceptions.
• Vulnerability & Findings Management
  • Manage cloud and application security findings through remediation, exception, or risk acceptance workflows.
  • Coordinate directly with engineering teams on remediation efforts, ensuring expectations, deadlines, and verification steps are clear.
  • Maintain accurate status tracking and supporting evidence for remediation and audit purposes.
  • Support recurring vulnerability management activities and reporting requirements.
• Monitoring, Logging & Detection Hygiene
  • Execute daily, weekly, and monthly security review tasks, including log reviews, alert reviews, and dashboard verification.
  • Ensure required logs are present, flowing, and usable; identify and escalate gaps in coverage.
  • Support continuous improvement by documenting operational pain points and recurring failures for engineering follow-up.
• Compliance & Audit Operations
  • Produce and maintain security artifacts required for audits, customer assurance, and regulatory reviews.
  • Own recurring security operational tasks tied to compliance (e.g., access reviews, log review evidence, vulnerability reports).
  • Ensure evidence is complete, reproducible, and stored according to defined standards.
• Process & Runbook Ownership
  • Maintain and improve security operations runbooks, checklists, and standard operating procedures.
  • Help normalize and standardize how security work is requested, tracked, and completed across teams.
  • Identify opportunities to reduce manual effort through better workflow design or handoff to engineering for automation.

Qualifications

• 3–6 years of experience in security operations, cloud operations, or SRE-adjacent roles.
• Strong experience operating security tooling such as cloud security posture management (CSPM), SIEM, endpoint protection, or DLP platforms.
• Hands-on familiarity with cloud environments (AWS and/or Azure) and common operational security controls.
• Experience managing work through ticketing systems (e.g., Jira) with a focus on clarity, prioritization, and follow-through.
• Strong understanding of operational security concepts, including vulnerability management, least privilege, logging, and auditability.
• Ability to work calmly across many parallel work items and maintain operational discipline.
• Clear written and verbal communication skills, especially when coordinating across teams.

Requirements

• Experience supporting regulated environments (e.g., healthcare, HITRUST, SOC 2).
• Familiarity with tools such as Wiz, Splunk, Microsoft Defender, or equivalent platforms.
• Experience supporting audit cycles or customer security reviews.
• Exposure to Infrastructure-As-Code or automation pipelines (ability to identify when automation is needed, not necessarily build it).
• AWS Security certification and/or Azure Security equivalent certifications are a plus.

Benefits

• Unlimited paid time off – recharge when you need it.
• Work from anywhere – flexibility to fit your life.
• Comprehensive health coverage – multiple plan options to choose from.
• Equity for every employee – share in our success.
• Growth-focused environment – your development matters here.
• Home office setup allowance – one-time support to get you started.
• Monthly cell phone allowance – stay connected with ease.

Company Description

As a mission-led technology company helping to drive better healthcare outcomes, Abacus Insights believes that the best innovation and value we can bring to our customers comes from diverse ideas, thoughts, experiences, and perspectives. Therefore, we dedicate resources to building diverse teams and providing equal employment opportunities to all applicants.

At the heart of who we are is a commitment to continuously and intentionally building an inclusive culture—one that empowers every team member across the globe to do their best work and bring their authentic selves.