Senior Security Engineer -- SOC Analyst (Senior Elastic Security)

Information Technology & Security, Cleveland, Ohio

Description

This position will require you to be in Cleveland, OH.
We are on a hybrid schedule: 2 days on campus and 3 days WFH.

OverDrive is hiring a Security Engineer to help build, tune, and respond to SIEM detections for our environment. You’ll be responsible for connecting the dots between alerts and root cause, improving signal-to-noise, and documenting decisions during declared incidents for after-action review.  
This role is ideal for someone who enjoys both hands-on security investigations and detection engineering—including improving alert fidelity, strengthening telemetry, and building repeatable operational processes.

What You’ll Do (responsibilities):

Detection engineering & SIEM operations

  • Build, tune, and respond to SIEM alerts to ensure high-risk notifications stand out from noise and are handled appropriately.  
  • Investigate anomalous activity to determine root cause; scope indicators of compromise/attack across the enterprise.  
  • Build and maintain SIEM dashboards and high-priority alerts that highlight organizational risk.  
  • Identify trends and search for threat actor activity across the enterprise environment.  
  • Perform SIEM data retention planning, forecasting, and optimization.  

Incident response & process maturity

  • Serve as an incident response lead during security incidents, coordinating investigation and response activities and documenting events and decisions.
  • Ensure Incident Response processes and procedures are kept up to date for identified business risks; create new processes as needed.  
  • Participate in Incident Response activities and tabletop exercises to coordinate security response efforts.  

Collaboration, metrics, and enablement

  • Collaborate with red-team members in the creation of behavior-based signatures in response to newly identified malicious activity or threats.  
  • Advocate security best practices throughout the company and provide guidance to technical and non-technical audiences.  
  • Develop metrics for monitoring the effectiveness of controls within your focus area.  
  • Participate in weekly security team meetings.  

On-call expectations

  • Participate in a shared on-call rotation.  

What You’ll Bring (required):

  • 5+ years of related experience.  
  • Hands-on experience with Elastic Security (or comparable SIEM platforms) and detection engineering (rule tuning, exceptions, dashboards).
  • Willingness to work in a hybrid work model in Cleveland, OH.  
  • Technical knowledge of both Windows and Linux operating systems.  
  • Excellent interpersonal/communication skills; well organized with strong attention to detail and ability to prioritize work.  

What Will Help You Stand Out (preferred):

  • Experience improving telemetry coverage and onboarding new security-relevant data sources (cloud, identity, network/security tooling).  
  • Comfort operating with high autonomy—balancing investigation work, detection improvements, and process/runbook development.

What’s Next:

As you’ve probably guessed, OverDrive is a place that values individuality and variety. We don’t want you to be like everyone else, we don’t even want you to be like us—we want you to be like you! So, if you're interested in joining the OverDrive team, apply below and tell us what inspires you about OverDrive and why you think you are perfect for our team.
OverDrive values diversity and is proud to be an equal opportunity employer.