Software Guidance & Assistance, Inc. (SGA) is searching for a Senior Security SOC (Security Operations Center) Engineer for a CONTRACT assignment with one of our premier Regulatory clients. This position is fully remote.

We are seeking a Senior Security SOC (Security Operations Center) Engineer to join our dynamic cybersecurity team. This position is for our Shift 2 (3pm-11pm) with weekend coverage. In this role, you will be instrumental in building robust detection capabilities, leading threat hunting initiatives, and responding to security incidents to protect our organization from sophisticated cyber threats.
Responsibilities:
- Detection Engineering
  - Design, develop, and tune advanced security detection rules and analytics across multiple security platforms (SIEM, EDR, NDR, cloud security tools)
  - Develop and maintain detection use cases based on threat intelligence, adversary tactics, and attack frameworks (MITRE ATT&CK)
  - Optimize detection logic to reduce false positives while maintaining high detection efficacy
  - Configure and tune security tools to improve alert accuracy and operational efficiency
- Security Monitoring & Threat Detection
  - Continuously monitor security alerts from various security tools (SIEM, IDS/IPS, firewalls, endpoint protection)
  - Analyze security alerts and telemetry data to identify patterns, trends, and indicators of compromise
  - Identify and analyze potential security threats, incidents, and anomalies
  - Lead proactive threat hunting initiatives to identify emerging threats and potential security incidents
- Incident Response & Investigation
  - Perform advanced analysis and triage of security incidents, categorizing and prioritizing threats based on severity
  - Collaborate with incident response teams to investigate and remediate security events
  - Collect and review relevant logs, evidence, and data to assess the impact of security incidents
  - Escalate critical incidents to lead engineers and coordinate response efforts
  - Create comprehensive incident reports and documentation
- Threat Intelligence & Continuous Improvement
  - Stay current with emerging threats, vulnerabilities, and security technologies
  - Implement and integrate threat intelligence feeds into monitoring systems
  - Participate in purple team exercises to validate and enhance detection capabilities
  - Contribute to post-incident reviews to identify lessons learned and improve response strategies
  - Improve detection coverage based on incident learnings and threat landscape evolution
- Leadership & Collaboration
  - Create and maintain comprehensive documentation for detection rules, playbooks, and response procedures
  - Mentor junior security engineers and share expertise across the security operations team
  - Collaborate with SOC leadership, IT teams, and other departments to ensure comprehensive security coverage
  - Contribute to security status reports, dashboards, and executive briefings
Required Skills:
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)
- 7+ years of experience in security operations, threat detection, or security engineering
- Strong expertise with SIEM platforms (Splunk, Elastic, Sentinel, or similar)
- Proficiency in query languages (SPL, KQL, SQL) and scripting languages (Python, PowerShell)
- Deep understanding of the MITRE ATT&CK framework and adversary tactics, techniques, and procedures
- Experience with EDR/XDR platforms and log analysis
- Strong knowledge of network protocols, operating systems, and security architectures
- Understanding of threat intelligence integration and application
- Excellent analytical and problem-solving skills
- Strong communication skills with ability to articulate technical concepts to various audiences
Preferred Skills:
- Advanced security certifications (GCDA, GCIA, GCFE, CEH, CISSP, or similar)
- Experience with cloud security platforms (AWS, Azure, Google Cloud Platform)
- Background in malware analysis or digital forensics
- Experience with automation and orchestration tools (SOAR platforms)
- Knowledge of machine learning applications in security detection
- Contribution to open-source security projects or research
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.