Security Engineer II

Metropolis Metropolis · Vertical AI · Chicago, IL +8 · Technical Operations

Security Engineer II role focused on protecting company systems, data, and users by monitoring, investigating, and responding to security alerts and incidents. Responsibilities include improving threat detection, conducting forensic analysis, administering security technologies, supporting vulnerability management and identity access management, securing cloud environments, and developing automation scripts. Requires experience in cybersecurity, incident response, and administering security technologies, with a strong understanding of various security domains. Scripting/automation skills are necessary, with experience in specific security tools and compliance frameworks being a plus.

What you'd actually do

  1. Monitor, investigate, and respond to security alerts and incidents across multiple platforms
  2. Improve threat detection capabilities through alert tuning, rule creation, and proactive threat hunting
  3. Conduct forensic evidence collection and collaborate with external MDR providers
  4. Administer, configure, and maintain enterprise security technologies and infrastructure integrations
  5. Troubleshoot platform issues and serve as an operational escalation point

Skills

Required

  • 3+ years of experience in cybersecurity, security operations, systems administration, or a related field
  • Experience investigating security incidents and responding to security alerts
  • Experience administering core enterprise security technologies
  • Demonstrate understanding of endpoint, network, identity, vulnerability, incident, and cloud security
  • Experience with Windows, macOS, and cloud-based environments
  • Ability to analyze logs and security telemetry across multiple systems
  • Experience with scripting or automation using PowerShell, Python, or similar languages
  • Possess strong troubleshooting, analytical, and problem-solving skills

Nice to have

  • Experience with CrowdStrike, Trend Micro, Proofpoint, Qualys, JumpCloud, AWS, Atlassian, KnowBe4, or Automox
  • Experience supporting PCI DSS, SOC 2, or other compliance frameworks
  • Experience with threat hunting, detection engineering, or security automation
  • Experience with cloud security in AWS environments
  • Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, or equivalent

What the JD emphasized

  • primary operator for core security platforms
  • independently manage incidents
  • improve our overall security posture