
Rocket EMS

Cybersecurity SOC Engineer


📍 Santa Clara, United States 🇺🇸

full-time
senior
Key Skills
SOC Azure KQL Python PowerShell
Industry
Aerospace Automotive

Job Description

Join Rocket EMS – Building Tomorrow’s Technology Today

At Rocket EMS, we don’t just build circuit boards — we bring cutting-edge technology to life. From Silicon Valley to Northern Nevada, our teams manufacture mission-critical electronics for the world’s most innovative companies. If you want to be part of a fast-growing team that pushes the limits of what’s possible, we have opportunities for you.


🚀 Why Rocket EMS?

  • Be part of a team building cutting-edge electronics used in aerospace, medical, automotive, and high-tech industries.
  • Work with advanced equipment in modern facilities located in California and Nevada.
  • Grow your skills and career in a company that values precision, innovation, and teamwork.


Position Summary

Rocket EMS is seeking a highly skilled, hands-on Senior Cybersecurity SOC Engineer to join our elite, fast-growing Cybersecurity team. This is not a SOC Analyst, GRC, or managerial-only role — we’re looking for a true technical Subject Matter Expert (SME) with deep experience in SOC engineering, threat hunting, incident response, and cloud security.


Reporting to the Cybersecurity Manager, you will own and shape our SOC engineering practice across Microsoft Sentinel SIEM/SOAR, CrowdStrike EDR, Microsoft Defender for Endpoint (MDE), Palo Alto Firewalls/IPS/IDS, CNAPP, and Azure cloud environments. You’ll lead the development and execution of Incident Response plans, tabletop exercises, threat hunting initiatives, alert optimization, and SOC automation projects.


Key Responsibilities

  • SOC Engineering & Optimization – Build, configure, and optimize Microsoft Sentinel SIEM/SOAR for on-premises and cloud environments; tune alerts, dashboards, and analytic rules.
  • Threat Hunting & Investigation – Conduct proactive threat hunting and deep-dive investigations across endpoints, network, on-prem, and Azure workloads.
  • SOAR Integration & Automation – Design and maintain automated playbooks leveraging Sentinel, CrowdStrike, MDE, and Palo Alto platforms; script automation in KQL, Python, and PowerShell.
  • Incident Response Leadership – Develop and maintain enterprise Incident Response (IR) plans; lead tabletop exercises and coordinate IR efforts across teams.
  • Cloud Security – Implement security controls and investigate threats within Azure environments, including Microsoft 365 security, Entra ID (Azure AD), Conditional Access, and adaptive MFA.
  • Data Feed Management – Onboard, normalize, and optimize log/data feeds from endpoints, networks, and security platforms.
  • Detection Engineering – Develop and fine-tune KQL queries, UEBA rules, and automation scripts for actionable threat detection.
  • Collaboration & Mentorship – Partner with Managed SOC teams, IT, and other stakeholders to optimize operations; mentor junior engineers.
  • Continuous Improvement – Conduct SOC gap analyses, enhance alert prioritization, and improve overall operational efficiency.


Required Experience & Skills

  • U.S. Citizen or Green Card holder (required)
  • 7+ years of hands-on SOC engineering or cybersecurity experience
  • Deep technical expertise in:
      • Microsoft Sentinel SIEM/SOAR (alerting, dashboards, KQL, automation)
      • CrowdStrike Falcon EDR (RTR, IOAs/IOCs, detection tuning)
      • Microsoft Defender for Endpoint (MDE) – endpoint and cloud
      • Palo Alto Firewalls, IPS/IDS, CNAPP
      • Azure cloud security and Microsoft 365 security services


Proven Experience With

  • Building and leading enterprise Incident Response plans and tabletop exercises
  • Threat hunting, advanced investigation, and mitigation
  • Data feed onboarding and normalization for SIEM platforms
  • Scripting and automation in KQL, Python, and PowerShell
  • Strong understanding of MITRE ATT&CK, adversary TTPs, and detection engineering principles
  • Excellent communication, mentorship, and cross-functional collaboration skills


Preferred Certifications

  • CISSP, GCFA, GCIH, GCTI, SC-200, AZ-500, or equivalent hands-on experience
  • MITRE ATT&CK Defender (MAD), OSCP, Red Team, or other technical certifications