Senior Security Operations Engineer

Job Title: Senior Security Operations Engineer

Location: Washington DC

Note: This is an onsite position Place at NIGC Headquarters located at 550 12th Street SW Washington DC 20024

Work Authorization: Only US Citizen or Green Card candidate

• The Senior Security Operations Engineer is responsible for architecting implementing configuring administering tuning and operationally managing enterprise cybersecurity technologies within complex production environments.
  
• This role requires extensive hands-on technical experience supporting cyber operations and maintaining operational security platforms across on-premises hybrid and cloud infrastructures.
  

Key Responsibilities

Architect deploy configure administer and maintain enterprise security operations tools and technologies in production environments.

Manage and optimize Security Information and Event Management (SIEM) platforms including log ingestion correlation rules alert tuning dashboard development use-case creation and operational monitoring.

Deploy administer and maintain Endpoint Detection and Response (EDR) solutions to support endpoint visibility threat detection containment and remediation activities.

Configure and manage Intrusion Detection and Prevention Systems (IDS/IPS) network security monitoring tools and threat detection technologies to identify and respond to malicious activity.

Administer vulnerability management platforms conduct authenticated and unauthenticated vulnerability scans validate remediation activities and support enterprise vulnerability reduction initiatives.

Manage enterprise log management and security monitoring platforms ensuring collection normalization retention and analysis of security-relevant telemetry across servers endpoints applications cloud platforms and network devices.

Implement and support cloud security technologies across AWS Azure and/or Google Cloud environments including cloud-native monitoring workload protection identity security and compliance monitoring capabilities.

Perform hands-on system integration tool deployment platform upgrades patching troubleshooting and operational maintenance activities for security technologies.

Develop detection engineering content including SIEM correlation rules EDR detections IOC-based alerts behavioral analytics and automated response workflows.

Support cyber operations activities including continuous monitoring threat hunting incident detection containment eradication and recovery efforts.

Collaborate with infrastructure network cloud and application teams to integrate security controls and improve enterprise security posture.

Create technical documentation standard operating procedures architecture diagrams implementation guides and operational runbooks.

Required Technical Experience

Demonstrated hands-on experience implementing and operating enterprise cybersecurity tools in production environments.

Strong operational experience with technologies such as:

• SIEM platforms (e.g. Splunk Microsoft Sentinel QRadar ArcSight)
  
• EDR platforms (e.g. CrowdStrike Falcon Microsoft Defender for Endpoint SentinelOne)
  
• IDS/IPS technologies (e.g. Snort Suricata Palo Alto Cisco Firepower)
  
• Vulnerability management tools (e.g. Tenable Nessus Qualys Rapid7)
  
• Log management and monitoring solutions
  
• SOAR and security automation platforms
  
• Cloud security platforms and native cloud security tooling
  

About Us: