SecOps Engineer

Job Description

Job Description

• For local candidates who live within 45 miles of our Holland, OH headquarters, this role is hybrid after 60-day orientation period.
• For candidates outside of local area, this role would be primarily remote, but must be open to travel to HQ as required by the manager.
• Must live in the following states to be considered: Ohio, Michigan, Indiana, Illinois, Tennessee, Texas, Colorado, Montana, Rhode Island, Florida, Massachusetts, Nevada.
• Must be able to work business hours of 8:30am-5:00pm EST in addition to occasional off-hours deployments or crisis resolution.

Midwest Tape is currently seeking a Security Operations Engineer with a cloud-first (AWS) and AI-aware security focus to advance our security operations program. We are looking for a SecOps Engineer to strengthen our security operations team. This role is intentionally balanced across three core areas: ~50% AWS cloud security, ~25% securing AI and emerging intelligent systems, and ~25% general security operations.

The role is primarily responsible for protecting AWS-hosted infrastructure and services. Maintaining effective security monitoring and incident response capabilities across environments. Helping automate processes and improving our security infrastructure. Also ensuring the secure use of AI and LLM technologies across the organization. This position is ideal for someone with years of security experience who wants to take on more ownership and contribute to shaping day-to-day operations and long-term security strategy.

As part of our IT Product Development team, you will work closely with infrastructure, DevOps, database, and developer teams to ensure consistency and enhance our security posture. You will also collaborate with administrators and end users to provide technical support and identify new requirements. Communication, documentation and organization skills are key for this position, along with a problem-solving attitude.

Position Summary

The Security Operations Engineer is responsible for supporting and advancing Midwest Tape’s security operations program with a primary focus on AWS cloud security, AI and emerging technology security, and broader security operations activities. This role is accountable for protecting AWS-hosted infrastructure and services, strengthening monitoring and incident response capabilities, improving security automation, and promoting the secure use of AI and large language model technologies across the organization.

The position is structured across three primary functional areas: approximately 50% AWS cloud security, 25% AI and intelligent systems security, and 25% general security operations. Core responsibilities include securing cloud infrastructure, identifying and responding to threats, managing vulnerabilities and misconfigurations, enhancing operational processes through automation, and contributing to both day-to-day security operations and longer-term security maturity objectives.

This role works closely with infrastructure, DevOps, database, and software development teams to promote consistent security practices and strengthen the organization’s overall security posture. The position also partners with administrators and end users to support implementation needs, assess technical requirements, and maintain effective documentation, communication, and coordination across security initiatives.

Primary Duties and Responsibilities

To perform this position successfully, an individual must fulfill the knowledge, skill, and/or ability requirements listed below.

AWS

• Lead AWS security operations across a multi-account organization, including monitoring, detection, investigation, containment, and response.
• Secure core AWS services including IAM, SCPs, EC2, EKS, S3, RDS, Lambda, CloudTrail, GuardDuty, Security Hub, Config, VPC, SGs, WAF, Shield, among other services.
• Design and maintain least-privilege architectures, credential management, cross-account role access, and identity governance controls.
• Implement new solutions and migrate existing solutions through Infrastructure as Code (IaC), specifically, Terraform.
• Conduct cloud vulnerability and misconfiguration management, prioritizing remediation based on risk, exploitability, and business impact.
• Automate cloud security operations when and where the use case best suits.
• Develop documentation and maintain incident response playbooks, escalation procedures, and response automations.

AI

• Partner with DevOps and engineering teams to integrate security into CI/CD pipelines, software development, and infrastructure as code. (GitHub Advanced Security, GitHub Actions).
• Monitor emerging threats, attack techniques, and best practices related to AI, GenAI, and LLM security.
• Implement guardrails for data privacy, access control, logging, and monitoring in AI and LLM workflows.

General Security Operations

• Conduct security monitoring, detection, and incident response across cloud, on-prem, and hybrid environments.
• Participate in an on-call rotation for security incident response.
• Drive vulnerability management programs, prioritizing risks based on business impact.
• Manage and tune SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and EDR (Endpoint Detection and Response) platforms, with emphasis on high-fidelity alerts and automation.
• Perform threat hunting and root-cause analysis using cloud, endpoint, and application telemetry.
• Collaborate with leadership to refine KPIs, incident response metrics, and security maturity goals.
• Research and evaluate emerging security threats, tools, and technologies to enhance detection and response.
• Play a supporting role across NIST functions and act as the technical backbone to turn policy and risk decisions into working security controls.
• Perform all other functions as required, including any work assignments relating to the efficient flow of work within Midwest Tape.
• Mentor junior and mid-level security engineers and promote operational excellence.

Strategic Responsibilities

• Contribute to the SecOps roadmap by identifying areas for operational improvement and future capability building.
• Collaborate with InfoSec leadership to align security operations with overall risk management and compliance objectives.
• Participate in the evaluation and selection of security tools, services, and vendors.
• Define and track SecOps KPIs and SLAs to measure effectiveness and drive continuous improvement.
• Provide input into budget planning for SecOps tools, training, and headcount needs.
• Act as a subject matter expert in executive-level security discussions, audits, and compliance reviews.

Preferred Skills and Competencies

• Strong knowledge of operating systems, including macOS, Linux, and Windows, as well as networking and AWS cloud environments.
• Proficiency in scripting and automation for security operations using tools such as Python, PowerShell, and Bash.
• Knowledge of common attack techniques and security frameworks, including MITRE ATT&CK, NIST, and CIS.
• Familiarity with compliance and regulatory frameworks, with emphasis on NIST.
• Proficiency with AI-powered development and productivity tools.
• Strong decision-making skills and sound judgment in high-pressure security incidents.
• Ability to produce clear, concise, and audience-appropriate technical documentation, including playbooks, runbooks, post-incident reports, escalation procedures, and security standards.
• Effective written and verbal communication skills for technical and executive audiences.
• Leadership, collaboration, and mentoring skills, with the ability to support team development and align security priorities with business objectives.

Preferred Education

• B.S., M.S., in software engineering, computer science, related field or relevant experience.
• AWS Security, Advanced Networking or related certifications.

Preferred Experience

• 5+ years of progressive experience in security operations, incident response, or a closely related cybersecurity function.
• Hands-on experience securing AWS environments, including monitoring, detection, investigation, access management, and cloud security controls.
• Experience with infrastructure as code in a shared repository environment, including implementation and maintenance of Terraform-based solutions.
• Demonstrated experience leading or supporting security incident response efforts, including investigation, containment, remediation, and post-incident analysis.
• Experience working cross-functionally with infrastructure, DevOps, engineering, or related technical teams to implement security controls and improve operational maturity.

Physical Requirements / Work Environment

The work environment characteristics and physical demands described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Ability to regularly sit for extended periods of time.
• Perform repetitive motion-type tasks.
• Must be physically present for meetings, presentations, and training.
• Ability to work on-site in a team environment.

About the Company:

What started in 1989 as a family-owned video rental store grew into a trusted partner dedicated to helping libraries thrive. A single suggestion to sell VHS tapes (remember those?) to public libraries inspired our founder, John Eldred to start Midwest Tape LLC – and set our mission in motion.

Fast forward to over 35 years later, we provide libraries across North America, New Zealand, and Australia with innovative products and equitable access to content. Backed by a passion for exceptional service and a deep understanding of library needs, we fuel libraries with unparalleled access to top-tier media content including physical media (audiobooks, DVDs, CDs, and read-a-longs) as well as our digital platform, Hoopla Digital.

Hoopla, available on iOS, Android, and desktop, combines our decades of media expertise with modern technology to deliver an all-in-one experience for libraries and their patrons. With one of the strongest catalogs in the digital library space, Hoopla empowers libraries to reach patrons wherever they are.

We proudly partner with our library partners and content providers to strengthen communities through access to educational resources and entertainment experiences. Since 1989, our commitment has remained the same: supporting libraries with solutions that make a difference because strong libraries build healthy communities.

Benefits:

• Medical, dental, & vision insurance
• 401k + match
• Profit sharing
• Paid vacation and personal time
• Flex time
• 10 paid holidays
• Company performance bonus
• Holiday bonus
• Paid time to volunteer
• Parental leave
• Training & career development opportunities

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. We are currently unable to sponsor employment visas. All candidates must have authorization to work in the U.S. without current or future sponsorship.

• #LI-Hybrid #LI-Remote