CivicPlus, LLC is hiring a Security Operations Engineer

About the Role

Monitor, respond to, and strengthen security across hybrid environments. As a Security Operations Engineer, you'll play a key role in protecting critical infrastructure by analyzing threats, managing alerts, and driving incident resolution. Your work ensures systems remain resilient, compliant, and secure.

What You’ll Do

  • Operate and fine-tune security technologies such as SIEM, EDR, IDS/IPS, WAF, and cloud-native platforms to enhance detection, prevention, and response capabilities.
  • Continuously monitor logs and telemetry from network, cloud, and production systems to identify suspicious activity and initiate timely responses.
  • Investigate security incidents with precision—performing threat analysis, root cause identification, containment, and recovery—while following established response protocols.
  • Refine incident response playbooks based on real-world events and industry frameworks like NIST 800-61, ensuring preparedness and continuous improvement.
  • Track and report on key security metrics including alert volumes, response effectiveness, and control performance to inform strategic decisions.
  • Support audit and compliance initiatives by providing documented evidence, incident records, and operational controls validation.
  • Contribute to system resilience through backup, recovery planning, and contingency testing as part of business continuity efforts.
  • Partner with Engineering, IT, Cloud, and Compliance teams to close security gaps, harden systems, and expand detection coverage.
  • Maintain accurate documentation of configurations, investigations, and procedures to ensure knowledge transfer and operational consistency.

What We’re Looking For

A technically capable professional with a solid foundation in defensive security and incident response. You understand how threats evolve and how to respond effectively under pressure.

  • Security+, Network+, or equivalent certification is required.
  • Preferred qualifications include a degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
  • 3–7 years of hands-on experience in security operations or incident response is strongly preferred.
  • Proven experience with SaaS and cloud security platforms, along with tools like SIEM, EDR, and vulnerability scanners.
  • Strong analytical skills and the ability to clearly communicate findings to both technical and non-technical audiences.
  • Experience managing security in production environments, with a focus on rapid detection and response.

Why This Work Matters

You’ll help protect the systems that support public services and local government operations. By improving detection, response, and resilience, you directly contribute to trust, continuity, and security in the communities we serve.

Required Skills
SIEM, EDR, IDS/IPS, WAF, vulnerability scanning, cloud security platforms, incident response, defensive security, SaaS security, cloud security, Security+, Network+, threat detection
About company
CivicPlus, LLC
CivicPlus provides software and services to local governments.
Job Details
Category security
Posted a month ago