Position Overview
MetroSys is seeking a dependable and detail-oriented Security Operations Administrator for a short-term contract engagement supporting a client’s security monitoring and response operations. This role is responsible for reviewing, triaging, documenting, and responding to alerts generated across the client’s security platforms and infrastructure environment.
The ideal candidate has hands-on experience with endpoint security, email security, identity-related alerts, and incident response workflows, and can work independently while coordinating with help desk and infrastructure teams as needed.
This role is structured around a daily operational review window (~2 hours per day) while supporting a 24/7 alerting environment.
Key Responsibilities
Review and respond to security alerts and tickets generated from the client’s monitoring and security platforms
Investigate and triage alerts related to:
  Endpoint security events
  Email threats and phishing activity
  Suspicious authentication attempts
  Firewall and network security events
Perform incident response activities including:
  Documentation
  Initial remediation actions
  Escalation and coordination
  Post-mortem reporting
Validate email and phishing-related incidents using:
  Mimecast
  KnowBe4 / PhishER / PhishRip workflows
Monitor and respond to endpoint alerts within:
  Sophos EDR/XDR
  Sophos Intercept X Advanced
Investigate identity and authentication alerts from Microsoft environments, including:
  Sign-in risk events
  Suspicious token or authorization activity
  IP/location anomalies
Support security investigations involving:
  Sophos firewall alerts
  Fortinet networking environments
  MFA and authentication platforms (including YubiKey environments)
Coordinate with client help desk and infrastructure teams for remediation support and escalation handling
Maintain accurate documentation of incidents, actions taken, and recommendations
Required Qualifications
3+ years of experience in security administration, SOC operations, or security incident response
Hands-on experience with:
  Mimecast
  KnowBe4 / phishing remediation workflows
  Sophos EDR/XDR and Intercept X
  Microsoft 365 security and sign-in risk analysis
Understanding of:
  Security incident response workflows
  Endpoint and network security concepts
  Identity and access management fundamentals
Experience reviewing and analyzing security alerts and event data
Strong documentation and communication skills
Ability to work independently and manage daily operational responsibilities efficiently