FanDuel
Security Operations Engineer
Atlanta, Georgia, United States$125k–$156kmidAdded today
About this role
Join the Security Operations Center as a Security Operations Engineer to detect, investigate, and respond to cybersecurity threats against a large-scale hybrid cloud environment. You'll combine threat hunting, incident response, and security automation to protect sensitive data while collaborating across teams to strengthen overall security posture.
What you'll do
- Monitor network, server, endpoint, database, and application activities to identify compromise indicators while minimizing false positives
- Automate alert collection, prioritization, and incident response workflows through process improvements
- Lead incident response investigations, conduct root cause analysis, and manage remediation efforts
- Drive proactive threat hunting program using MITRE ATT&CK framework to identify emerging threats
- Develop and maintain security detections and incident response playbooks using YAML and JSON
- Evaluate security technologies and mentor business units on cybersecurity best practices
What they're looking for
- SIEM platform operations and alert tuning
- Intrusion Detection/Prevention Systems (IDS/IPS)
- Incident response and threat investigation
- Scripting/programming (Python, Bash, PowerShell)
- MITRE ATT&CK framework application
- Log parsing, grok patterns, and regular expressions
- Cloud environments (AWS, GCP, O365)
- Technical writing for regulated industry reporting
Likely interview questions
- Describe your experience tuning SIEM alerts to reduce false positives while maintaining detection effectiveness.
- Walk us through how you've used the MITRE ATT&CK framework to design detection rules or improve threat hunting.
Opens the official application on the employer’s site. No login required.