Your impact
This role requires a broad understanding of security principles and incident response procedures, and the ability to work in a fast-paced environment.
Key Responsibilities:
- Security Engineering
- Design, implement, and fine-tune security tools and solutions, including EDR (CrowdStrike), SIEM (QRadar), and other security platforms.
- Develop and maintain detection rules, alerts, and dashboards to improve visibility and threat detection.
- Integrate and optimize threat intelligence feeds to enhance correlation and alerting capabilities.
- Troubleshoot and resolve performance issues in security tools and systems.
- Incident Response
- Lead and participate in investigations of security incidents, ensuring rapid containment and remediation.
- Conduct forensic analysis on compromised systems to identify root cause, IOCs, and hardening strategies.
- Document and report findings to stakeholders, including technical details and remediation recommendations.
- Security Operations (SecOps)
- Actively monitor and manage security events, responding to alerts from the SIEM and other security tools.
- Perform threat hunting to proactively identify and mitigate risks.
- Coordinate with internal and external teams to ensure continuous monitoring and rapid threat response.
- Compliance and Federal Standards
- Align engineering and operations activities with federal requirements such as CMMC, NIST SP 800-53, FISMA, and FedRAMP.
- Support efforts to achieve and maintain CMMC certification requirements.
- Assist in audit assessments, providing technical documentation and evidence for CMMC and other federal compliance frameworks.
- Continuous Improvement
- Evaluate and recommend enhancements to security tools and processes.
- Develop and maintain runbooks, SOPs, and engineering documentation for security operations and tools.
- Stay current with emerging threats, vulnerabilities, and industry best practices to continuously evolve the environment.
- Reporting
- Help generate and deliver daily, weekly, and monthly reports on security incidents and SOC activities.
- Soft Skills
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work in a fast-paced, high-pressure environment.
- Attention to detail, critical thinking, and a strong work ethic.
Here's what you'll need
- Must be a US citizen
- 5-7 years of experience in security engineering, security operations, or incident response roles, including tool tuning and optimization.
- Hands-on experience with security tools such as CrowdStrike, QRadar, Proofpoint, and other security and vulnerability management platforms.
- Proficient in scripting or automation (Python, PowerShell, or similar) to improve workflows and tool integration.
- Strong understanding of security frameworks and standards (e.g., CMMC, NIST SP 800-53, CIS Controls).
- Strong experience with network and endpoint security, including forensic techniques.
Preferred Qualifications:
- Certifications such as CISSP, GIAC (e.g., GCED, GCIA, GCIH), or CISM.
- Familiarity with cloud security tools and environments (AWS, Azure, GCP, or OCI)
- Experience with advanced threat hunting and malware analysis techniques.
- Knowledge of orchestration tools such as SOAR platforms for automating workflows.