Senior Security Operations Engineer

Job Title: Senior Security Operations Engineer

Location: Washington, DC

Note: This is an onsite position Place at NIGC Headquarters located at 550 12th Street SW, Washington, DC 20024

Work Authorization: Only US Citizen or Green Card candidate

• The Senior Security Operations Engineer is responsible for architecting, implementing, configuring, administering, tuning, and operationally managing enterprise cybersecurity technologies within complex production environments.
  
• This role requires extensive hands-on technical experience supporting cyber operations and maintaining operational security platforms across on-premises, hybrid, and cloud infrastructures.
  

Key Responsibilities

• Architect, deploy, configure, administer, and maintain enterprise security operations tools and technologies in production environments.

• Manage and optimize Security Information and Event Management (SIEM) platforms including log ingestion, correlation rules, alert tuning, dashboard development, use-case creation, and operational monitoring.

• Deploy, administer, and maintain Endpoint Detection and Response (EDR) solutions to support endpoint visibility, threat detection, containment, and remediation activities.

• Configure and manage Intrusion Detection and Prevention Systems (IDS/IPS), network security monitoring tools, and threat detection technologies to identify and respond to malicious activity.

• Administer vulnerability management platforms, conduct authenticated and unauthenticated vulnerability scans, validate remediation activities, and support enterprise vulnerability reduction initiatives.

• Manage enterprise log management and security monitoring platforms, ensuring collection, normalization, retention, and analysis of security-relevant telemetry across servers, endpoints, applications, cloud platforms, and network devices.

• Implement and support cloud security technologies across AWS, Azure, and/or Google Cloud environments, including cloud-native monitoring, workload protection, identity security, and compliance monitoring capabilities.

• Perform hands-on system integration, tool deployment, platform upgrades, patching, troubleshooting, and operational maintenance activities for security technologies.

• Develop detection engineering content including SIEM correlation rules, EDR detections, IOC-based alerts, behavioral analytics, and automated response workflows.

• Support cyber operations activities including continuous monitoring, threat hunting, incident detection, containment, eradication, and recovery efforts.

• Collaborate with infrastructure, network, cloud, and application teams to integrate security controls and improve enterprise security posture.

• Create technical documentation, standard operating procedures, architecture diagrams, implementation guides, and operational runbooks.

Required Technical Experience

• Demonstrated hands-on experience implementing and operating enterprise cybersecurity tools in production environments.

• Strong operational experience with technologies such as:

• SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, ArcSight)
  
• EDR platforms (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne)
  
• IDS/IPS technologies (e.g., Snort, Suricata, Palo Alto, Cisco Firepower)
  
• Vulnerability management tools (e.g., Tenable Nessus, Qualys, Rapid7)
  
• Log management and monitoring solutions
  
• SOAR and security automation platforms
  
• Cloud security platforms and native cloud security tooling
  

 About Us: