Job Description
Who we are:
Field Nation brings companies and service professionals together through an integrated, easy-to-use platform. We support businesses looking to grow their service offerings while also empowering technicians to leverage their skills on their own terms. Our mission is to help the service delivery industry do great work, and we live that mission by doing great work for the companies and service professionals that depend on us.
Why is this role important to Field Nation?
The Information Security team works across Field Nation to protect the platform, our customers’ data, and the systems engineers rely on to build and ship software. As a Sr. Security Operations Engineer, you will lead Field Nation’s security operations capabilities — owning detection engineering, incident response, and proactive threat hunting. This is a hybrid engineer-analyst role: you will build the systems that detect and contain threats, respond to the most complex security incidents, and raise the security bar across the organization.
You’ll join a small, high-ownership security team with foundational tooling in place and significant opportunity to shape how our detection and response capabilities scale. You will partner directly with engineering, product, and IT to embed security into how Field Nation operates — not as a gatekeeper, but as a force-multiplier. And you will help build AI-powered tooling that accelerates the speed and quality of our security operations, working at the frontier of what modern SOC capabilities look like.
What you’ll do:
Serve as the final escalation point for complex security incidents — leading containment, eradication, recovery, and post-incident review, and coordinating response across engineering, IT, legal, and leadership.
Perform digital forensics (disk, memory, network, and cloud) to determine root cause, support evidence preservation, and produce clear findings for technical and non-technical stakeholders.
Participate in a formal on-call rotation, serving as the primary responder for critical security incidents outside of business hours.
Own detection engineering: write and maintain SIEM correlation rules, develop behavioral analytics, and manage detection-as-code pipelines that keep pace with an evolving threat landscape.
Monitor and tune EDR, SIEM, and cloud-native security tooling (SentinelOne, Wiz Defend, AWS GuardDuty, DataDog) to maintain high-confidence detections and reduce alert fatigue.
Conduct proactive, hypothesis-driven threat hunts using MITRE ATT&CK, threat intelligence feeds, and behavioral analytics across endpoints, network, and cloud environments.
Build and maintain SOAR playbooks that automate high-volume, repetitive response workflows — reducing analyst toil and improving response consistency.
Identify and implement agentic workflows that accelerate security operations — building LLM-powered automation for alert triage, attack chain summarization, detection logic generation, and runbook drafting, with appropriate human-in-the-loop controls and output validation before any AI-generated security content is acted on.
Own detection and response coverage for AI-specific threats — building detection rules for AI application anomalies, prompt injection attempts, excessive agent permission use, and RAG pipeline abuse, mapped against the OWASP LLM Top 10 and MITRE ATLAS framework to identify and close detection coverage gaps.
Use AI coding assistants (Claude Code and GitHub Copilot) as force-multipliers in your daily workflow — drafting automation scripts, detection rules, and infrastructure code, while applying the same critical review to AI-generated output as you would to any peer pull request.
Maintain clear, rigorous documentation — incident reports, threat hunt findings, detection rationale, and runbooks — that builds organizational knowledge and supports audit readiness.
What you’ll need:
Bachelor’s Degree in Computer Science, Cybersecurity, Information Systems, or related discipline, or equivalent experience.
Minimum of 5 years of experience in cybersecurity, with at least 3 years focused on security operations, incident response, or a SOC environment.
Hands-on depth with SIEM platforms — Splunk (SPL), Microsoft Sentinel (KQL), or equivalent — including building and tuning complex correlation rules, not just running queries.
Practical experience with EDR platforms (SentinelOne strongly preferred) and a solid understanding of endpoint telemetry, process and memory behavior, and detection tuning across Windows, macOS, and Linux.
Proficiency in Python for scripting detection logic, automation workflows, and investigation tooling. PowerShell and Bash proficiency a plus.
Working knowledge of SOAR platforms (Splunk SOAR/Phantom, Cortex XSOAR, or similar) and demonstrated ability to build — not just execute — automated playbooks.
Solid grounding in AWS security services (GuardDuty, Security Hub, CloudTrail, IAM) and experience conducting investigations in cloud-native environments.
Deep familiarity with MITRE ATT&CK as a practical framework for threat hunting, detection coverage mapping, and adversary emulation — not just as a reference.
Experience performing digital forensics, including evidence collection, memory analysis, log correlation, and articulating findings in written and verbal post-incident reviews.
Relevant certifications valued: CISSP, GCIH, GCFA, GREM, OSCP, or cloud security credentials (AWS Security Specialty). Preferred but not required.
Creative problem solver who questions inherited processes and redesigns them for scale. You see alert fatigue as an engineering problem, not an analyst problem.
Proven ability to operate with urgency and clarity under pressure, lead cross-functional response without direct authority, and keep stakeholders informed without overwhelming them.
Familiarity with AI coding assistants (Claude Code, GitHub Copilot, or equivalent) as active workflow tools — directing them for complex tasks like automation scripting, detection drafting, and technical documentation, with the judgment to know when to trust the output and when to rewrite it.
Working familiarity with the OWASP LLM Top 10 and MITRE ATLAS framework as practical tools for threat modeling LLM-backed systems and identifying detection coverage gaps. Curiosity about agentic SOC automation valued over deep prior expertise.
Strong written and verbal communicator who translates complex threat scenarios into language that resonates with engineers, executives, and board members alike. You elevate the team around you through coaching and knowledge sharing.
Working Hours:
- 1:00 PM - 10:00 PM (Bangladesh Standard Time, UTC+6), Monday to Friday
- Weekly 2 days in-office, 3 days remote (Hybrid)
Salary Range:
- BDT 150,000 - 210,000 (Monthly)
Why we think you’ll love it here:
At Field Nation, we believe great work deserves great support. Here’s a snapshot of the benefits designed to reward performance, support well-being and create an enjoyable workplace experience.
1. Compensation & Financial Rewards
Because hard work should feel like winning.
- Field Nation LLC Performance Reward – Because every citizen of Field Nation deserves a stake in the win!
- Festival Bonus – Celebrate the big festivals with some extra cheer (and cash!).
- Referral Bonus – Incentives for successful employee referrals.
- Gratuity – Honoring your long-term dedication.
- Leave Encashment – Opportunity to encash unused annual leave balance at year-end.
2. Health & Wellness
Your body, mind, and family matter.
- Medical Insurance – Comprehensive health coverage for employees and their immediate family (spouse and children).
- Gym Membership – Stay fit, active, and energized.
3. Daily Operations & Office Perks
- Complimentary Lunch / Dinner – Because good work needs good food.
- Unlimited Tea & Coffee – Keep the energy flowing.
- Transportation – Helping you get to work hassle-free.
- Mobile Data Allowance – Allowances to ensure connectivity.
4. Professional Development
- Career Development Budget – Dedicated funds for professional learning and growth.
5. Culture, Events & Time Off
Fostering work-life balance and strong team connections.
- Work Model: Hybrid (2 days in-office, 3 days remote per week) – balance is key.
- Summer & Winter Field Weeks – Two annual team retreats to connect, collaborate, and recharge.
- Quarterly Team Outing Budget – Enjoy exciting activities and quality time with your team to bond, relax and celebrate together.
- Occasional Gifts – Surprises and gifts to celebrate milestones & welcome new faces.
- Leave Benefits:
  - Maternity Leave
  - Paternity Leave
  - Hajj/Umrah Leave
  - Paid Time Off – Take the time you need! Covers annual, casual, and sick leave so you can recharge and come back ready to shine.
Why Field Nation?
At Field Nation, we are breaking the barriers to work and enabling the gig economy. We’re a tech company that offers a web-based marketplace solution for buyers and sellers of contract services to simply connect, work, and manage their business. We look for collaborators, innovators, and problem solvers to join us in our common purpose of changing the way work gets done. We were named a Top Workplace by the Star Tribune in 2017, 2018, 2019, and a Top 150 Workplace in 2020. We look to hire extraordinary people and provide them extraordinary benefits.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.