
Security Operations Center (SOC) Engineer Government/Educational Institutions
Posted 2 weeks ago by 1750919892
Negotiable
Outside
Remote
USA
Summary: The role of SOC Engineer involves supporting the deployment, configuration, and operations of SOC as a Service solutions for public sector clients, particularly in government and educational institutions. The position requires expertise in security monitoring, incident detection, and response within regulated environments. The engineer will be responsible for maintaining security platforms and ensuring compliance with various security frameworks. Strong analytical skills and experience with security tools are essential for success in this role.
Key Responsibilities:
- Deploy and maintain SIEM and SOAR platforms (e.g., Splunk, QRadar, Cortex XSOAR)
- Analyze and correlate logs to detect anomalies, threats, and malicious activity
- Respond to security incidents and assist with containment and remediation efforts
- Perform vulnerability assessments and recommend remediation actions
- Create and maintain detection rules, alerts, dashboards, and runbooks
- Integrate threat intelligence feeds and contextualize alerts
- Support compliance with security frameworks like NIST, FERPA, CJIS, or HIPAA
- Generate documentation and reports for audits and executive review
Key Skills:
- 3-7 years of experience in a SOC, cybersecurity, or network security role
- Demonstrated experience deploying and operating platforms
- Hands-on experience with SIEM tools (Splunk, LogRhythm, QRadar, etc.)
- Hands-on experience with SOAR tools (Cortex XSOAR, Splunk Phantom, etc.)
- Hands-on experience with vulnerability management platforms (Tenable, Qualys, Rapid7)
- Familiarity with security frameworks: NIST 800-53, MITRE ATT&CK, ISO 27001
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
We are seeking an experienced SOC Engineer to support the deployment, configuration, and ongoing operations of SOC as a Service (SOCaaS) solutions for a major public sector client. This role requires expertise in security monitoring, incident detection and response, and the ability to work within highly regulated environments such as government agencies or educational institutions.
Key Responsibilities:
- Deploy and maintain SIEM and SOAR platforms (e.g., Splunk, QRadar, Cortex XSOAR)
- Analyze and correlate logs to detect anomalies, threats, and malicious activity
- Respond to security incidents and assist with containment and remediation efforts
- Perform vulnerability assessments and recommend remediation actions
- Create and maintain detection rules, alerts, dashboards, and runbooks
- Integrate threat intelligence feeds and contextualize alerts
- Support compliance with security frameworks like NIST, FERPA, CJIS, or HIPAA
- Generate documentation and reports for audits and executive review
Required Skills & Experience:
- 3-7 years of experience in a SOC, cybersecurity, or network security role
- Demonstrated experience deploying and operating platforms
- Hands-on experience with:
  - SIEM tools (Splunk, LogRhythm, QRadar, etc.)
  - SOAR tools (Cortex XSOAR, Splunk Phantom, etc.)
  - Vulnerability management platforms (Tenable, Qualys, Rapid7)
- Familiarity with security frameworks: NIST 800-53, MITRE ATT&CK, ISO 27001
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
Preferred Qualifications:
- Experience supporting K-12, higher education, or government clients
- Familiarity with cloud security (AWS, Azure, or Google Cloud)
- Certifications (one or more preferred):
  - CISSP (Certified Information Systems Security Professional)
  - CISM (Certified Information Security Manager)
  - CEH (Certified Ethical Hacker)
  - CompTIA Security+, CySA+, or vendor-specific certs