We support mission-critical federal environments with advanced cybersecurity engineering and operational excellence. Our team safeguards national security infrastructure through proactive defense strategies, automation, and secure-by-design principles. We value innovation, accountability, diversity of thought, and a strong bias for action.
If you are a security builder not just a monitor this role is designed for you.
Position Overview
We are seeking a Senior Network Security Operations Center (SOC) Engineer to serve as a technical leader within our Federal Security Operations program. This is not a passive monitoring role. You will proactively hunt threats, optimize enterprise security tooling, and engineer resilient defensive architectures to outpace sophisticated adversaries.
This position bridges rigorous federal compliance frameworks (FISMA, NIST, TIC 3.0) with high-performance security engineering to ensure our security stack is deeply integrated, finely tuned, and operationally effective.
Key Responsibilities
Security Stack Ownership & Engineering
Lead optimization of SIEM, EDR, XDR, and Next-Generation Firewall platforms
Manage integration across disparate systems to ensure seamless data flow and visibility
Enhance telemetry, log pipelines, and detection logic for maximum operational efficiency
Proactive Threat Hunting
Develop hypothesis-driven threat hunting strategies across on-prem and cloud environments
Identify stealthy persistence mechanisms, lateral movement, and advanced attack patterns
Map findings to the MITRE ATT&CK framework for reporting and intelligence enrichment
Advanced Incident Response (Tier 3 Escalation)
Serve as the senior escalation point for complex security incidents
Perform deep packet inspection (PCAP analysis), TLS/SSL decryption review, and memory forensics
Lead containment, eradication, and root cause analysis efforts
Automation & Orchestration (SOAR)
Design and maintain SOAR playbooks using Python or Bash
Automate triage, enrichment, and remediation workflows
Reduce Mean Time to Respond (MTTR) and mitigate analyst fatigue
Federal Compliance & Secure-by-Design Implementation
Implement NIST 800-53 controls within operational workflows
Support TIC 3.0 architecture alignment
Champion phishing-resistant MFA, SSO, and audit logging best practices
Maintain continuous compliance without sacrificing operational velocity
Required Technical Expertise
SOC Tooling
Expert-level experience with SIEM platforms (e.g., Splunk Enterprise Security)
Advanced EDR/XDR experience (e.g., CrowdStrike, Microsoft Defender)
Hands-on configuration and management of Next-Generation Firewalls (e.g., Palo Alto)
Familiarity with consolidated AI-driven SOC platforms (e.g., Cortex XSIAM) highly desirable
Network & Protocol Mastery
Deep understanding of TCP/IP, DNS, TLS/SSL
Ability to analyze and interpret PCAP data
Experience with encrypted traffic inspection and advanced network telemetry
Infrastructure & Systems
Strong Linux and Windows administration background
Security-first systems hardening and baseline management
Cloud security exposure preferred (AWS/Azure Gov environments)
Analytical & Reporting Skills
Ability to translate technical vulnerabilities into executive-level insights
Experience aligning detections to MITRE ATT&CK
Strong documentation and briefing capabilities
Qualifications
Experience: 7+ years in high-stakes Network Security within Federal environments
Education: Bachelor’s degree in Cybersecurity, Computer Science, or equivalent experience
Certifications (Required): CISSP, CASP+, GCIH, or other qualifying IAT Level III / IAM Level II certification
Clearance: Active Top Secret (TS), eligible for SCI