Overview
Remote
On Site
USD 80,001.00 - 120,000.00 per year
Full Time
Skills
Engineering Support
MSS
Security Operations
Management
Use Cases
Workflow
Threat Analysis
System On A Chip
Tier 1
Cloud Security
Regulatory Compliance
FedRAMP
NIST 800-53
Onboarding
Amazon EC2
Virtual Machines
Computer Science
SIEM
Microsoft Azure
SPL
JSON
Amazon Lambda
Step-Functions
Scripting
Windows PowerShell
Python
Bash
Microsoft
Amazon Web Services
Splunk
Cloud Computing
Kubernetes
Auditing
Government Contracts
Large Language Models (LLMs)
Generative Artificial Intelligence (AI)
Artificial Intelligence
Security Clearance
Training
Cyber Security
Information Technology
Systems Engineering
FOCUS
Job Details
Job ID: 2508288
Location: REMOTE WORK, TN, US
Date Posted: 2025-08-05
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: Yes
Description
We provide advanced cybersecurity monitoring and engineering support to a wide range of government agencies through a multi-tenant MSS model. Our Security Operations Center (SOC) operates 24/7, leveraging Microsoft Sentinel as the core SIEM platform. However, we increasingly support hybrid and multi-cloud environments including AWS and Splunk, and we are seeking a cloud-savvy SIEM engineer to help us grow and maintain secure, scalable monitoring capabilities.
As a SOC SIEM/Cloud Engineer, you will serve as one of the primary engineers for multi-cloud SIEM operations in a managed security services environment. While Microsoft Sentinel remains our core SIEM platform, you will also support AWS-native security tooling and Splunk-based environments. This role emphasizes cross-cloud log ingestion, automation, and security detection engineering. Candidates must be self-directed, security-minded, and comfortable designing scalable monitoring strategies across diverse architectures.
This is a remote position, but Secret clearance eligibility is required to support future classified operations, as needed.
KEY RESPONSIBILITIES:
SIEM Operations & Cloud Integration
- Administer and optimize SIEM platforms including Microsoft Sentinel, Splunk, and AWS-native tools such as CloudWatch, CloudTrail, GuardDuty, and Security Hub.
- Manage log ingestion pipelines from hybrid, cloud, and containerized environments.
- Design alert rules, detection use cases, and enrichment pipelines using KQL, SPL, and JSON-based event structures.
Security Automation
- Build and maintain automation workflows using Azure Logic Apps, Splunk SOAR, and AWS Lambda/Step Functions.
- Integrate threat intelligence, reputation feeds, and context enrichment across cloud platforms.
- Partner with SOC analysts to streamline Tier 1-2 response efforts through smart automation.
Multi-Cloud Design & Support
- Act as the subject matter expert on cloud security logging and architecture for Azure, AWS, and hybrid environments.
- Advise customers and internal teams on best practices for telemetry, logging policy, and compliance alignment (e.g., FedRAMP, CJIS, NIST 800-53).
- Lead or support onboarding of cloud workloads including EC2, EKS, Lambda, Azure VMs, Kubernetes, and M365C environments.
Qualifications
Required Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field
- 3-5+ years of SIEM engineering experience across multi-cloud environments (Azure, AWS)
- Hands-on experience with Microsoft Sentinel, AWS Security Services, and Splunk
- Experience creating alerts and detection rules in KQL, SPL, and JSON-based formats
- Familiarity with automation tools such as Logic Apps, Splunk SOAR, AWS Lambda, or Step Functions
- Strong scripting knowledge (PowerShell, Python, or Bash)
Preferred Qualifications
- Active Secret clearance or higher
- Microsoft Certifications: SC-200, AZ-500
- AWS Certifications: Security Specialty, Solutions Architect Associate or Pro
- Splunk Certifications: Admin, Power User
- Experience with cloud container security (EKS, AKS, Kubernetes auditing)
- Experience in multi-tenant MSSP environments or government contracts
- Familiarity with large language models (LLMs), GenAI, or agentic AI frameworks for use in cybersecurity operations
What We Offer
- Fully remote work with flexibility and work-life balance
- Opportunity to contribute to classified operations with additional clearance
- Competitive compensation and benefits
- Training and certification assistance
- Stable, mission-driven cybersecurity work supporting state and federal government agencies
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.