Full-time

Security Operations Engineer

EmployerdirecthealthcareDallas, TXPosted June 11, 2026

Apply on Employerdirecthealthcare →More Dallas jobs

About Lantern

Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com.

About You:

You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small & big wins.
INCLUSION is a core tenant of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives & you cherish the differences in each individual that you interact with.
You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas.
You care deeply for your customers are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
Integrity guides you in life. Focusing on the TRUTH vs. giving people the answers they want to hear.
You thrive in a Team Environment. Collaboration is key in innovation and creating change.

These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life.

If this sounds like you, we would love to connect to speak further about career opportunities at Lantern.

Please apply to our role & someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

Lantern is seeking a Security Operations Engineer who will help defend a healthcare organization operating at the intersection of patient care, claims data, and fast-moving cloud and AI workloads. You'll join a tight-knit security team that owns detection engineering, incident response, threat hunting, and the operational health of our security stack with real influence over how that stack evolves. On any given week, you might tune detections in the SIEM, MSSP on MDR escalations, push policy changes in EDR and NDR, harden Policies, validate Vulnerability findings, or operationalize new telemetry from ISP, DLP, and EDR.

We're looking for someone with 4+ years of security operations experience who thinks like an engineer and operates like a hunter comfortable in Azure, fluent enough in Python or PowerShell to eliminate toil, curious enough to chase weak signals across cloud and endpoint logs, and disciplined enough to document what they build so the next person can extend it. You'll balance detection and response work with the automation and tuning that makes both faster, and you'll partner closely with GRC, IT, and legal to keep our HIPAA, HITRUST CSF v11, and SOC 2 Type II commitments meaningful in practice not just on paper. What we care about most is your judgment, your curiosity, and your willingness to make the team better than you found it.

Location: Hybrid - at least 3 days/wk in our Dallas, TX offices

Key Responsibilities:

Monitor, triage, and investigate alerts across SIEM, EDR, NDR, and DLP platforms
Lead or support incident response activities including scoping, containment, eradication, and post-incident review in alignment with NIST SP 800-61r2
Develop, tune, and maintain detection rules, correlation queries, and behavioral models across the security stack
Conduct threat hunting exercises using structured methodologies (MITRE ATT&CK, hypothesis-driven)
Build and maintain security automation workflows to reduce manual triage and accelerate response (Python, PowerShell, GitHub Actions, REST APIs)
Integrate security tooling with ticketing and workflow platforms (Jira) for consistent case management and SLA tracking
Contribute to SOAR playbook development and refinement
Support vulnerability management operations including Tenable scan management, findings triage, and Jira-based remediation tracking
Maintain and optimize SIEM content, log pipelines, and data sources; ensure complete and accurate log ingestion from cloud, endpoint, network, and identity layers
Manage and tune EDR policies, exclusions, and response actions within CrowdStrike Falcon
Support DLP policy operations, including investigation support for policy violations
Maintain firewall log visibility and coordinate with network/infrastructure teams on Fortinet policy enforcement
Support evidence collection and control testing for HITRUST CSF v11 and SOC 2 Type II assessments
Contribute to security documentation including runbooks, playbooks, and operational procedures
Pa