Security Operations Engineer

About Lantern

Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com. 

About You:

• You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small & big wins. 
• INCLUSION is a core tenant of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives & you cherish the differences in each individual that you interact with.
• You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas. 
• You care deeply for your customers are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
• Integrity guides you in life. Focusing on the TRUTH vs. giving people the answers they want to hear. 
• You thrive in a Team Environment. Collaboration is key in innovation and creating change.

These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life. 

If this sounds like you, we would love to connect to speak further about career opportunities at Lantern.

Please apply to our role & someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

Lantern is seeking a Security Operations Engineer who will help defend a healthcare organization operating at the intersection of patient care, claims data, and fast-moving cloud and AI workloads. You'll join a tight-knit security team that owns detection engineering, incident response, threat hunting, and the operational health of our security stack with real influence over how that stack evolves. On any given week, you might tune detections in the SIEM, MSSP on MDR escalations, push policy changes in EDR and NDR, harden Policies, validate Vulnerability findings, or operationalize new telemetry from ISP, DLP, and EDR.

We're looking for someone with 4+ years of security operations experience who thinks like an engineer and operates like a hunter comfortable in Azure, fluent enough in Python or PowerShell to eliminate toil, curious enough to chase weak signals across cloud and endpoint logs, and disciplined enough to document what they build so the next person can extend it. You'll balance detection and response work with the automation and tuning that makes both faster, and you'll partner closely with GRC, IT, and legal to keep our HIPAA, HITRUST CSF v11, and SOC 2 Type II commitments meaningful in practice not just on paper. What we care about most is your judgment, your curiosity, and your willingness to make the team better than you found it.

Location: Hybrid - at least 3 days/wk in our Dallas, TX offices

Key Responsibilities:

• Monitor, triage, and investigate alerts across SIEM, EDR, NDR, and DLP platforms
• Lead or support incident response activities including scoping, containment, eradication, and post-incident review in alignment with NIST SP 800-61r2
• Develop, tune, and maintain detection rules, correlation queries, and behavioral models across the security stack
• Conduct threat hunting exercises using structured methodologies (MITRE ATT&CK, hypothesis-driven)
• Build and maintain security automation workflows to reduce manual triage and accelerate response (Python, PowerShell, GitHub Actions, REST APIs)
• Integrate security tooling with ticketing and workflow platforms (Jira) for consistent case management and SLA tracking
• Contribute to SOAR playbook development and refinement
• Support vulnerability management operations including Tenable scan management, findings triage, and Jira-based remediation tracking
• Maintain and optimize SIEM content, log pipelines, and data sources; ensure complete and accurate log ingestion from cloud, endpoint, network, and identity layers
• Manage and tune EDR policies, exclusions, and response actions within CrowdStrike Falcon
• Support DLP policy operations, including investigation support for policy violations
• Maintain firewall log visibility and coordinate with network/infrastructure teams on Fortinet policy enforcement
• Support evidence collection and control testing for HITRUST CSF v11 and SOC 2 Type II assessments
• Contribute to security documentation including runbooks, playbooks, and operational procedures
• Participate in tabletop exercises and contribute to lessons-learned outcomes
• Support identity and access-related security reviews in collaboration with the IAM/infrastructure team
• Monitor and investigate anomalous activity associated with AI agent infrastructure, API integrations, and LLM-based services
• Contribute to security controls and detection coverage for AI workloads under the organization’s AI governance framework
• Help develop behavioral baselines and detection logic specific to AI/agentic traffic patterns

Requirements:

• A minimum of 4+ years of experience in a Security Operations Center (SOC), IT security, or related security operations role
• Hands-on experience with a SIEM platform (Sumo Logic, Splunk, Microsoft Sentinel, or equivalent); ability to write and tune detection queries
• Proficiency with EDR platforms (CrowdStrike Falcon strongly preferred)
• Working knowledge of network security fundamentals including firewalls, IDS/IPS, and network traffic analysis
• Scripting proficiency in Python and/or PowerShell for automation and tool integration
• Familiarity with cloud security concepts (Azure or AWS); experience investigating cloud-native log sources (Entra ID, Azure AD Sign-in Logs, CloudTrail, etc.)
• Understanding of compliance-driven security operations in regulated environments (HIPAA, SOC 2, or HITRUST preferred)
• Strong written communication skills for documentation, escalation, and stakeholder reporting
• Exceptional interpersonal, organizational, and communication skills and ability to internalize and exemplify Lantern’s LIGHT Values.

Strong Candidates Will: 

• Experience working in a mature SOC environment with defined playbooks and runbooks.
• Familiarity with AI/agentic system risks including prompt injection, data exfiltration via AI interfaces, and audit log analysis for LLM-based tooling.
• Experience with NDR platforms (Darktrace or equivalent)
• Familiarity with DLP tools and PHI/PII investigation workflows
• Exposure to vulnerability management programs (Tenable.io or equivalent)
• Experience building CI/CD-integrated security automation (GitHub Actions, Azure DevOps)
• Familiarity with MISP or other threat intelligence platforms
• Experience with identity governance platforms (Saviynt, CyberArk, or equivalent)
• Exposure to AI/ML workload security or API security monitoring
• GCIA, GCIH, GCED, CySA+, or equivalent certifications
• Security certifications such as CompTIA Security+, CySA+, SC-200, GCIA, or equivalent.
• A continuous learning mindset with interest in emerging threats, AI/agentic system risks, and evolving security technologies.

Benefits

• Medical Insurance
• Dental Insurance
• Vision Insurance
• Short & Long Term Disability
• Life Insurance
• 401k with company match
• Flexible Time Off
• Paid Parental Leave

Lantern does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.