Senior Operations Engineer

Column Technical Services (posted 2 months ago)
New York, NY, United States
Hybrid
Full-time
Junior Level (1-3 years)

Job Description

Position Overview

Column Technical Services is seeking a driven and technically adept Senior Operations Engineer to strengthen its Information Security program in NY, NY. This individual will play a key role in uncovering sophisticated threats, leading investigative efforts, and enhancing detection capabilities across a large, complex enterprise. A strong foundation in systems engineering, security operations, and offensive/defensive security methodologies is essential, as the role requires immediate contribution to threat hunting, detection engineering, and incident response initiatives. If you're a Threat Hunting Engineer driven by curiosity, energized by challenging adversaries, and eager to make a measurable difference in a mission‑critical environment, this is the place where your expertise can make a real impact. Submit your application and let's begin the conversation.

Location: NY, NY
Schedule: Hybrid (Candidates must reside in NY, NJ, PA, or CT)

Key Responsibilities

  • Perform continuous, proactive threat hunting across on‑premise, cloud, and networked environments.
  • Create, test, and refine hypotheses informed by threat intelligence, adversary tradecraft, and evolving attack patterns (MITRE ATT&CK).
  • Examine extensive log, endpoint, and network telemetry to uncover anomalies or indicators of malicious activity.
  • Develop and maintain custom detections, scripts, and automated workflows to enhance hunting speed and accuracy.
  • Partner closely with SOC analysts, red team members, and incident responders to validate discoveries and remediate detection blind spots.
  • Improve visibility and resilience by engineering enhancements to logging pipelines, telemetry sources, and security tools.
  • Document findings, produce post‑hunt reports, and contribute to internal knowledge sharing and process improvement.

Required Qualifications

  • 5-7 years of experience in at least two of the following areas: SOC operations and incident response, Red or Blue Team engagement, penetration testing, and incident response activities.
  • Bachelor's degree in Information Security, Computer Science, or a related discipline.
  • Strong understanding of attacker behaviors, TTPs, and the MITRE ATT&CK framework.
  • Solid background in systems or network engineering, including hardening and securing Windows, Linux, and cloud environments.
  • Hands‑on experience reviewing logs, packet captures, or endpoint data to identify compromise indicators.
  • Proficiency in at least one scripting or programming language (Python, PowerShell, Bash, etc.).
  • Demonstrated analytical thinking, problem‑solving ability, and a proactive approach to investigation.

Preferred Qualifications

  • Experience working with SIEM, EDR, or threat intelligence platforms.
  • Knowledge of cloud security principles and technologies (Azure, AWS, etc.).
  • Prior involvement in building detection logic or authoring threat hunting playbooks.
  • Relevant security certifications such as eCTHP, OSCP, CCTHP, GCFA, CISSP, or similar.

Required Skills

  • Penetration Testing
  • Windows Security
  • MITRE ATT&CK Framework
  • Scripting (Python, PowerShell, Bash)
  • Systems Engineering
  • Security Operations
  • Cloud Security
  • Incident Response
  • Network Engineering
  • Linux Security
  • Detection Engineering
  • Threat Hunting