FFF Enterprises · 10 hours ago
Senior Engineer, Security Operations
FFF Enterprises is seeking a Senior Security Operations Engineer to enhance their cybersecurity posture. The role involves proactive threat detection, incident response, and continuous improvement of security operations while collaborating with various teams to address cybersecurity threats effectively.
Biotechnology · Health Care · Medical · Pharmaceutical
Responsibilities
Continuously monitor and analyze security telemetry across SIEM platforms, system logs, network traffic, identity systems, applications, cloud workloads, and endpoint detection tools
Correlate activity across endpoint, network, identity, and application assets to identify complex or multi-stage attack patterns
Act as a hands-on incident responder during active security incidents, including investigation, containment, eradication, and recovery
Serve as a senior technical escalation point during high-severity incidents, providing guidance on response actions and prioritization
Coordinate incident response efforts with internal IT teams, business stakeholders, and external partners, including managed security service providers (MSSPs)
Provide timely, accurate incident updates to technical and non-technical stakeholders
Perform post-incident root-cause analysis and document findings, lessons learned, and remediation actions
Maintain detailed incident records to support forensic, regulatory, and audit requirements
Participation outside of normal business hours may be required during active incidents. Up to ten percent (10%) travel may be required
Design, develop, and maintain detection logic, alerts, and use cases across SIEM, EDR, MDR, and related security platforms
Test, tune, and refine detection content to improve signal quality and reduce false positives
Evaluate the effectiveness of existing security monitoring and response tools and recommend improvements or configuration changes
Partner with IT infrastructure, cloud, and application teams to ensure logging and telemetry support effective detection and response
Identify inefficiencies within security operations processes and implement scalable, automation-driven improvements
Develop automated and guided response workflows to accelerate containment and remediation
Build and maintain dashboards, metrics, and reports to support operational visibility and leadership decision-making
Validate, maintain, and continuously improve incident response plans, procedures, and escalation models
Develop and maintain incident response runbooks and playbooks for common, high-risk, and emerging threat scenarios
Support and conduct tabletop incident response and recovery exercises; document outcomes and remediation actions
Partner with the Information Security Leadership and cross-functional stakeholders to strengthen organizational preparedness and response maturity
Ensure incident response processes align with industry frameworks and internal control requirements
Monitor internal and external threat intelligence sources to identify emerging threats, indicators of compromise, and adversary activity
Analyze and contextualize threat intelligence to assess relevance to the organization’s environment, risk profile, and business operations
Conduct threat assessments to identify likely attack vectors, potential impact, and appropriate defensive measures
Map adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK
Proactively research and hypothesize new threats and detection opportunities
Translate threat intelligence into actionable detection logic, response guidance, and risk insights
Develop metrics, dashboards, and reporting to communicate security operations performance and risk posture
Provide consultative guidance to IT and business stakeholders regarding security risks and incident response considerations
Support executive-level reporting and briefings related to security incidents, trends, and response effectiveness
Contribute to a culture of security awareness, operational discipline, and continuous improvement
Serve as a key technical contributor supporting HITRUST, regulatory, and third-party security audits, with emphasis on SOC operations and incident response controls
Maintain audit-ready documentation for incidents, investigations, response actions, and remediation efforts
Support the collection, validation, and presentation of security operations evidence, including logs, alerts, dashboards, runbooks, and workflows
Partner with Information Security Leadership, IT, Compliance, and Risk teams to ensure alignment with HITRUST CSF, NIST, and internal control requirements
Participate in audit interviews, walkthroughs, and evidence reviews related to incident response and security monitoring
Identify control gaps or deficiencies and contribute to remediation planning and implementation
Ensure security operations processes are executed consistently and documented to withstand external audit scrutiny
Adhere specifically to all company policies and procedures, Federal and State regulations and laws
Display dedication to position responsibilities and achieve assigned goals and objectives
Represent the Company in a professional manner and appearance at all times
Understand and internalize the Company’s purpose; Display loyalty to the Company and its organizational values
Display enthusiasm and dedication to learning how to be more effective on the job and share knowledge with others
Work effectively with co-workers, internal and external customers and others by sharing ideas in a constructive and positive manner; listen to and objectively consider ideas and suggestions from others; keep commitments; keep others informed of work progress, timetables, and issues; address problems and issues constructively to find mutually acceptable and practical business solutions; address others by name, title, or other respectful identifier; and respect the diversity of our work force in actions, words, and deeds
Comply with the policies and procedures stated in the Injury and Illness Prevention Program by always working in a safe manner and immediately reporting any injury, safety hazard, or program violation
Ensure conduct is consistent with all Compliance Program Policies and procedures when engaging in any activity on behalf of the company. Immediately report any concerns or violations
Other duties as assigned
Qualification
Required
Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a closely related technical field
An equivalent combination of education, certifications, and relevant professional experience may be considered in lieu of a degree
Advanced knowledge of security operations and incident response lifecycle management within a Security Operations Center (SOC) environment
Strong understanding of Windows and Linux operating system security
Knowledge of network security principles, including firewalls and intrusion detection and prevention systems
Knowledge of modern threat landscapes, attacker techniques, and evasion methods
Ability to translate threat intelligence into actionable detection and response logic
Knowledge of evidence collection, documentation standards, and audit support requirements
Ability to communicate technical security risk in business-relevant terms
This experience is essential to success in this role
Preferred
Master's degree in Cybersecurity, Information Assurance, Computer Science, or a related discipline
Formal coursework or advanced training in incident response, digital forensics, threat intelligence, or security engineering
Familiarity with incident response frameworks such as NIST 800-61 and MITRE ATT&CK
Knowledge of security automation and orchestration (SOAR) concepts and tools
Knowledge of cloud security concepts and controls across AWS, Azure, and GCP
Knowledge of scripting and automation concepts using Python or similar languages
Knowledge of advanced query development within SIEM or large-scale data platforms
Familiarity with audit-driven or regulated security environments
Company
FFF Enterprises
FFF Enterprises is a pharmaceuticals supplier of critical-care biopharmaceuticals, plasma products and vaccines.
H1B Sponsorship
FFF Enterprises has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (5)
2024 (7)
2023 (6)
2022 (2)
2021 (2)
2020 (4)
Funding
Current Stage: Late Stage
Total Funding: $1.12B
2025-02-05 · Debt Financing · $1.12B
Company data provided by crunchbase