Job Description
Everforth ECS is seeking a Security Engineer to work remotely.
At Everforth ECS Federal, we're driven by a commitment to excellence and innovation in solving complex challenges. As a premier provider of advanced technology solutions and services, our mission is to secure and optimize the most critical commercial, government, defense, and intelligence projects across the country. Our team is composed of dynamic professionals who thrive in a collaborative and empowering environment, where our team members leverage the latest technologies and insights to make a real-world impact. Join us and be part of a forward-thinking organization that values your expertise and supports your professional growth.
The Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with the SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization's cybersecurity posture.
Responsibilities
- Security Platform Administration: Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies.
- Security Telemetry Integration: Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms.
- Detection Engineering: Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives.
- SIEM Data Management: Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection.
- Security Automation Support: Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times.
- Investigation Support: Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities.
- Platform Integration: Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment.
- Operational Monitoring: Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines.
- Technical Documentation: Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations.
- Continuous Improvement: Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC.
Education Requirements
- Bachelor's degree in computer science, information security, or a related field. Will consider experience in lieu of a degree.
Physical Demands
- While performing the duties of this job, the employee is regularly required to sit at a desk and use a computer for extended periods.
- The position is generally sedentary but may require walking or standing for brief periods of time.
- Employee may occasionally be required to move, carry, push, pull and/or lift objects up to 10 pounds.
Work Environment
- Job is performed in an office place setting.
- The noise level in the work environment is generally very low with minimal background noise.
- Comfortable climate control and adequate lighting.
Required Skills
- Experience: Minimum of 3-5 years of cybersecurity or security engineering experience supporting enterprise security operations environments.
- Security Engineering Experience: Hands-on experience supporting enterprise security monitoring technologies including SIEM, EDR, and log management platforms.
- Detection Engineering Knowledge: Experience creating, tuning, and maintaining detection content and alerting logic.
- Security Telemetry Experience: Familiarity with log collection, normalization, and telemetry integration across enterprise environments.
- Security Automation Experience: Experience implementing or supporting automation workflows within SOC or incident response operations.
- Enterprise Security Knowledge: Strong understanding of enterprise infrastructure, cloud environments, identity systems, and network security monitoring.
- Security Framework Knowledge: Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO 27001.
Other Requirements of the position include:
- Able and willing to obtain a US Security Clearance.
- On-Call Support: Participates in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.
Desired Skills
- Cloud Security Monitoring: Experience supporting cloud and SaaS security monitoring integrations.
- Threat Intelligence Integration: Familiarity with integrating cyber threat intelligence (CTI) feeds into security tooling.
- Security Data Analysis: Experience analyzing large-scale security telemetry and log data.
- Scripting and Automation: Experience with scripting languages such as Python or PowerShell to support automation and operational tasks.
- Excellent analytical and problem-solving skills, with the ability to investigate complex technical security issues.
- Strong communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of Everforth, a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS!