
SecOps Engineer
Sourced · Spain
- Hybrid
- Full-time
- $170,000 / year
- Spain
Job highlights
- Detect, investigate, and respond to security threats.
- Build and tune security detections.
- Conduct threat hunting and incident response.
- Partner with engineering for fixes.
- Work remotely with flexible hours.
About the role
We are hiring a SecOps Engineer to detect, investigate, and respond to security threats. The role combines deep security expertise with operational discipline — keeping the company defended in real time.
Key Responsibilities
- Build and tune detections in SIEM, EDR, and cloud security tools
- Investigate security alerts and lead response on confirmed incidents
- Conduct threat hunting across endpoint, network, and cloud telemetry
- Maintain incident response playbooks and conduct tabletop exercises
- Partner with engineering on remediation and root-cause fixes
- Document incidents, findings, and lessons learned
Required Skills and Qualifications
- 3+ years in security operations, incident response, or detection engineering
- Hands-on with SIEM platforms (Splunk, Sumo Logic, Datadog, Sentinel)
- Experience with EDR tools (CrowdStrike, SentinelOne, Defender)
- Working knowledge of cloud security across AWS, GCP, or Azure
- Scripting fluency in Python or Go
- Industry certifications (GCIH, GCIA, OSCP) are a plus
What You'll Bring
- Curiosity to dig into systems and turn findings into shipped improvements
- Strong written communication and ability to explain technical decisions
- A test-and-learn mindset; you ship fast, measure, and iterate
- Comfort working asynchronously across time zones
What We Offer
- Fully remote, flexible work hours
- Performance-based bonus structure
- Annual learning & development stipend
- Health and wellness benefits (varies by location)
- Opportunity to work on high-scale, real-world impact projects
Equal Opportunity Statement
This is an equal opportunity role. Applications are welcomed from all qualified individuals regardless of race, color, ethnicity, nationality, gender, gender identity or expression, sexual orientation, age, religion, disability, marital status, or any other characteristic protected by applicable law. All hiring decisions are based solely on qualifications, skills, and demonstrated ability.
Key skills/competency
- SecOps Engineer
- Security Operations
- Incident Response
- Detection Engineering
- SIEM
- EDR
- Cloud Security
- Python
- Go
- Threat Hunting
Skills & topics
- SecOps Engineer
- Security Operations
- Incident Response
- Detection Engineering
- SIEM
- EDR
- Cloud Security
- Python
- Threat Hunting
- Full-time
- Remote
How to get hired
- Tailor your resume: Highlight SecOps, incident response, and detection engineering experience. Quantify achievements with data.
- Showcase technical skills: Emphasize SIEM, EDR, cloud security (AWS, GCP, Azure), and Python/Go proficiency.
- Demonstrate soft skills: Use your cover letter to show curiosity, communication, and a test-and-learn mindset.
- Prepare for technical interviews: Be ready to discuss threat scenarios and incident response strategies.
- Research Sourced: Understand their mission, values, and focus on impactful projects.
Technical preparation
- Practice Python/Go scripting for security tasks.
- Familiarize yourself with SIEM and EDR tools.
- Study cloud security best practices.
- Review incident response playbooks.
Behavioral questions
- Describe a complex security incident.
- How do you handle critical alerts?
- Explain your threat hunting process.
- How do you collaborate with engineers?
Frequently asked questions
- What are the key responsibilities of a SecOps Engineer at Sourced?
- As a SecOps Engineer at Sourced, your primary responsibilities include building and tuning detections in SIEM, EDR, and cloud security tools, investigating security alerts, leading incident response, conducting threat hunting, maintaining incident response playbooks, partnering with engineering for remediation, and documenting incidents and findings.
- What technical skills are essential for the SecOps Engineer role at Sourced?
- Essential technical skills include 3+ years in security operations, incident response, or detection engineering. Proficiency with SIEM platforms (Splunk, Sumo Logic, Datadog, Sentinel), EDR tools (CrowdStrike, SentinelOne, Defender), and working knowledge of cloud security (AWS, GCP, Azure) are crucial. Scripting fluency in Python or Go is also required.
- Is experience with specific SIEM or EDR tools required for the SecOps Engineer position?
- While hands-on experience with SIEM platforms like Splunk, Sumo Logic, Datadog, or Sentinel is required, and experience with EDR tools such as CrowdStrike, SentinelOne, or Defender is needed, Sourced values adaptable engineers who can learn and integrate new tools effectively.
- Does Sourced offer benefits for remote SecOps Engineers?
- Yes, Sourced offers health and wellness benefits that vary by location, a performance-based bonus structure, and an annual learning & development stipend for all employees, including fully remote SecOps Engineers.
- How does Sourced support professional development for its SecOps Engineers?
- Sourced supports professional development through an annual learning & development stipend, encouraging SecOps Engineers to pursue certifications, training, and other growth opportunities relevant to their roles and career advancement.
- What is the work arrangement for the SecOps Engineer role at Sourced?
- The SecOps Engineer role at Sourced is fully remote, offering flexible work hours and the ability to work asynchronously across different time zones, promoting a healthy work-life balance.
- What kind of projects will a SecOps Engineer work on at Sourced?
- SecOps Engineers at Sourced have the opportunity to work on high-scale, real-world impact projects, focusing on defending the company in real-time by detecting, investigating, and responding to security threats.
- Are industry certifications like GCIH or OSCP necessary for the SecOps Engineer job?
- Industry certifications such as GCIH, GCIA, or OSCP are considered a plus for the SecOps Engineer role at Sourced, demonstrating a strong foundation in security principles and practices, but are not strictly required.