If you’re solid on the fundamentals and ready to level up fast, this role puts you in the middle of real security work: alert triage, vuln management, incident support, and automation. You’ll partner closely with senior SecOps and offshore teams to keep detections tight, remediation moving, and playbooks getting smarter over time.

About RethinkFirst
RethinkFirst is a behavioral health technology company making mental wellness, education, and support more accessible and scalable. Through platforms like RethinkEd, RethinkCare, and RethinkBH, they serve educators, employers, and providers with tools designed to deliver measurable, inclusive outcomes.

Schedule
Full-time | Remote
Remote eligibility: AL, AZ, CT, FL, GA, HI, IL, IN, KY, LA, MD, MA, MI, MN, MO, NC, NE, NH, NJ, NV, OH, OR, PA, RI, TN, TX, VA, WA, WI

What You’ll Do

  • Review alerts escalated from a third-party SOC, perform initial triage, and document findings
  • Execute defined response actions under senior guidance and contribute to incident investigations
  • Maintain and improve security playbooks, runbooks, and knowledge base articles
  • Assist with endpoint, identity, and cloud security monitoring
  • Run recurring vulnerability scans (Tenable, Defender, etc.), verify remediation, and track progress to closure
  • Track vulnerability SLAs and produce periodic metrics for leadership reporting
  • Support automation efforts by testing and maintaining scripts/workflows and validating pipeline/dashboard data
  • Help with tool integrations and API connections (EDR, SIEM, Jira, MDM, etc.)
  • Participate in after-action reviews and lessons-learned sessions
  • Collaborate with offshore SecOps engineers to standardize procedures and share knowledge
  • Support compliance teams by providing data for audit evidence and control validation

What You Need

  • 1–3 years of experience in IT, security operations, or system administration
  • Foundational knowledge of cloud environments (Azure, AWS)
  • Familiarity with SIEM tools (Sentinel, Datadog) and EDR platforms
  • Basic scripting/automation skills (Python or PowerShell preferred)
  • Understanding of common attack vectors and frameworks (MITRE ATT&CK, NIST CSF)
  • Strong documentation and organizational skills

Benefits

  • Health, dental, and vision coverage
  • Flexible paid time off
  • 11 paid company holidays
  • 401(k) with matching
  • Parental leave
  • Access to RethinkCare platform supporting neurodiversity, resilience, and wellbeing

Here’s the real question before you get excited: are you aiming to be a future senior SecOps engineer or are you trying to stay “ticket-comfortable”? Because this role rewards the first mindset. If you want to grow, tailor your resume to show three things: clean incident documentation, measurable vuln remediation tracking, and at least one automation you built or improved.

Happy Hunting,
~Two Chicks…
