Title: Security Platform Engineer
Location: Rockville, Maryland
Target Start Date: ASAP
Type: contract
Pay Rate: DOE
We are seeking a talented Security Platform Engineer to join our Security Operations team. This role is responsible for maintaining, optimizing, and evolving the organization's security infrastructure, with a strong focus on our SIEM ecosystem and enterprise security tooling. The ideal candidate will have a blend of security operations experience, platform engineering skills, and a passion for improving detection, visibility, and response capabilities across the enterprise.
Key Responsibilities
- Design, implement, maintain, and optimize security platforms, with primary ownership of the SIEM environment.
- Manage ingestion, normalization, and enrichment of security logs from diverse data sources (cloud, endpoints, network, applications, and identity systems).
- Develop, tune, and maintain detection rules, alerts, dashboards, and reports to improve threat visibility and reduce false positives.
- Partner closely with Security Operations, Incident Response, and Threat Intelligence teams to support investigations and enhance detection coverage.
- Administer and integrate enterprise security tools such as EDR, SOAR, IAM, vulnerability management, and cloud security platforms.
- Automate security workflows and platform operations using scripting or infrastructure-as-code approaches where applicable.
- Monitor platform health, performance, and data quality; troubleshoot ingestion or integration issues as needed.
- Evaluate new security technologies and contribute to roadmap planning and continuous improvement initiatives.
- Ensure security platforms align with compliance, data retention, and audit requirements.
- Create and maintain technical documentation, runbooks, and operational procedures.
Required Qualifications
- 3+ years of experience in security engineering, security operations, or a related technical role.
- Hands-on experience administering and operating a SIEM platform (e.g., Splunk, Sentinel, QRadar, Elastic, or similar).
- Strong understanding of security telemetry, log sources, and detection engineering concepts.
- Experience working with enterprise security tools such as EDR, SOAR, vulnerability scanners, or cloud security platforms.
- Proficiency with scripting or automation (e.g., Python, PowerShell, Bash).
- Solid understanding of networking, operating systems, and cloud environments (AWS, Azure, or Google Cloud Platform).
- Ability to troubleshoot complex technical issues and work cross-functionally with engineering and security teams.
Preferred Qualifications
- Experience designing or scaling SIEM architectures in large or complex environments.
- Familiarity with MITRE ATT&CK and modern threat detection frameworks.
- Experience with cloud-native logging and security services.
- Knowledge of infrastructure-as-code or configuration management tools (e.g., Terraform, Ansible).
- Relevant certifications (e.g., Splunk, Azure Sentinel, CISSP, GCED, GCIA) are a plus.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid.
For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact.
Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at
.
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.