1,583 Soc Engineer jobs in the United States

SOC Engineer

27601 Raleigh, North Carolina Piper Companies

Posted today

Job Description

Piper Companies is seeking a SOC Engineer for a growing security team in the Raleigh Durham, NC area. The SOC Engineer will be working in a security operations center leveraging SOC tools, communicating incidents / threats and assisting with response. The SOC Engineer role is a hybrid position requiring work in the office at least 3 days a week.

Responsibilities of the SOC Engineer include:
• Perform triage activities and initiate investigations into the root cause of security events
• Communicate effectively with multiple customers on any potential threats
• Provide incident triage, initial threat analysis and timely, high quality security event/incident alerting to meet or exceed agreed SLAs/SLOs
• Provide continuous feedback for the tuning of SIEM detection rules

Requirements of the SOC Engineer include:
• 2+ years of experience working in a SOC environment
• Strong background within Splunk
• Ability to communicate with external customers and provide an excellent customer experience
• Bachelor's Degree and/or relevant work experience

Compensation for the SOC Engineer includes:
• Salary: $65,000 - $85,000
• Full comprehensive benefits package including medical, dental, vision, 401K, PTO, sick leave as required by law
• This job opens for applications August 22, 2025. Applications for this job will be accepted for at least 30 days from the posting date.

SOC Engineer Lead

22011 Ashburn, Virginia Telos Corporation

Posted 6 days ago

Job Description

Job Title

SOC Engineer Lead

Job Description

The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!

SOC Infrastructure Engineering
• Design and implement scalable SOC infrastructure using AWS native services
• Build and maintain automated security monitoring pipelines and data ingestion systems
• Develop Infrastructure as Code (IaC) solutions for SOC tools and security services
• Engineer high-availability, fault-tolerant security operations platforms
• Optimize performance and cost of SOC infrastructure and tooling

Security Automation & Orchestration
• Develop automated incident response workflows and security orchestration solutions
• Build custom integrations between AWS security services and SOC platforms
• Create automated threat detection and response capabilities using AWS Lambda and Step Functions
• Implement Security Orchestration, Automation, and Response (SOAR) solutions
• Design and build custom security tools and utilities for SOC operations

AWS Security Services Engineering
• Architect and implement enterprise-wide AWS security monitoring solutions
• Configure and optimize AWS GuardDuty, Security Hub, Config, and CloudTrail at scale
• Build automated compliance monitoring and reporting systems
• Engineer custom detection rules and analytics for AWS environments
• Implement centralized logging and security event correlation across multiple AWS accounts

ServiceNow Platform Engineering
• Design and implement complex ServiceNow Security Operations automations
• Build custom ServiceNow applications and integrations with AWS services
• Develop RESTful APIs and web services for ServiceNow platform integration
• Create advanced reporting dashboards and analytics for security metrics
• Engineer workflow automation for incident lifecycle management

Data Engineering & Analytics
• Design and build security data lakes and analytics platforms using AWS services
• Implement real-time and batch processing pipelines for security event data
• Develop machine learning models for anomaly detection and threat hunting
• Build custom analytics dashboards and visualization tools
• Engineer data retention and archival solutions for compliance requirements

DevSecOps & CI/CD Integration
• Implement security testing and validation in CI/CD pipelines
• Build automated security scanning and vulnerability management workflows
• Design secure deployment pipelines for SOC applications and infrastructure
• Integrate security controls into development and deployment processes
• Develop security as code practices and governance frameworks

Job Requirements

Security Clearance
• Must be able to obtain and maintain a U.S. Government security clearance
• U.S. citizenship required for clearance eligibility

Education & Certifications
• Bachelor's degree in Computer Science, Engineering, Information Security, or related field
• AWS Certified Security - Specialty (required)
• AWS Certified Solutions Architect - Professional or AWS Certified DevOps Engineer - Professional
• ServiceNow Certified System Administrator (CSA) or Certified Application Developer (CAD)
• One or more of: CISSP, GCIH, GSEC, CISSP-ISSEP, or equivalent security certifications

Experience
• 8-10 years of experience in cloud engineering, security engineering, or DevOps
• 4+ years hands-on experience with AWS services and cloud architecture
• 3+ years experience building security automation and orchestration solutions
• 3+ years experience with ServiceNow platform development and customization
• Proven experience with large-scale system design and implementation

Technical Expertise
• Expert-level knowledge of AWS services (Lambda, Step Functions, EventBridge, CloudFormation, CDK)
• Advanced programming skills in Python, Go, or Java for security automation
• Proficiency with Infrastructure as Code tools (Terraform, CloudFormation, CDK)
• Experience with containerization and orchestration (Docker, Kubernetes, ECS, EKS)
• Strong knowledge of networking, security protocols, and cloud security architecture
• Experience with big data technologies (ElasticSearch, Splunk, AWS Analytics services)
• Knowledge of CI/CD tools and practices (GitLab, Jenkins, AWS CodePipeline)

Engineering Competencies
• Strong system design and architecture capabilities
• Experience with microservices architecture and API development
• Knowledge of database design and management (SQL and NoSQL)
• Understanding of security frameworks and compliance requirements
• Ability to optimize systems for performance, scalability, and cost
• Experience with monitoring and observability tools (CloudWatch, Prometheus, Grafana)

Preferred Qualifications
• Master's degree in relevant field
• Current security clearance (Secret or above)
• Experience with DHS cybersecurity policies and regulations (HIGHLY PREFERRED)
• Additional AWS certifications (Machine Learning, Big Data, Advanced Networking)
• ServiceNow Certified Implementation Specialist or Certified Technical Developer
• Experience with machine learning and artificial intelligence for security applications
• Knowledge of threat intelligence platforms and STIX/TAXII protocols
• Previous experience in federal government or regulated industries
• Experience with federal compliance frameworks (FedRAMP, FISMA, NIST 800-53)
• Background in DevSecOps and security-focused software development

Advanced Technical Skills
• Experience with serverless security architectures and event-driven systems
• Knowledge of advanced AWS security services (Detective, Macie, Inspector)
• Experience with security data science and behavioral analytics
• Understanding of zero trust architecture principles and implementation
• Knowledge of container and Kubernetes security
• Experience with security testing automation and vulnerability management

The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship.

Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment

Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future.

Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at 1- . If you require relay service assistance, please click on the following link to review information on your state's relay service:

Telos Corporation is an EEO/AA employer.

Job Type

Full-Time

Location

Ashburn, VA 20147 US (Primary)

Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Telos and its subsidiaries are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Sr. SOC Engineer

60516 Downers Grove, Illinois Aqueity

Posted 24 days ago

Job Description

*LOCAL CHICAGOLAND CANDIDATES ONLY - THIS IS AN ONSITE ROLE AND DOES NOT OFFER RELOCATION*

Sr. SOC Engineer
Aqueity, a leading IT managed services provider, is looking to grow our team! The Sr. SOC Engineer is responsible for successfully driving and supporting network and security duties related to set-up, implementation, training, and customer service for a portfolio of clients.

Key responsibilities include the following:
  • Assist in policy creation for SIEM/EDR
  • Assist in monitoring and responding to SIEM/EDR and Phish alerts
  • Ticket management and closure
  • SME in Windows security best practices (e.g. GPO/AD, NTFS permissions, etc.)
  • Assist the Lead with critical security issues and initiatives
  • Conduct regular audits on internal security measures
  • Run vulnerability assessments for clients and review technical SOWs for remediation
  • Assist/Manage Incident response team
  • Train new Network and Security technicians
  • Manage schedule and timesheets
  • Maintain training and certification paths to stay up to date on current security needs
  • Develop and maintain documentation for security controls and procedures
Required education, skills, and experience:
  • Associate's degree or an equivalent level of training and education
  • 1-2 years of experience in a Senior SOC Engineer capacity, product support or tech support role
  • Experience working with a Managed Services Provider or IT consulting firm required
  • Relevant experience in networking, security, and other technical related software/hardware
  • Proven ability to work within budgets and timelines
  • Networking knowledge/experience - routers and switches, configurations
  • Security knowledge/experience - CompTIA Security certification or proven experience in cyber security
  • Quick learner with lots of drive and passion
  • Eager, confident team player
  • Highly adaptable, with ability to work independently
  • Excellent customer service skills

Salary range: $75 - $85k

Jr. SOC Engineer

60516 Downers Grove, Illinois Aqueity

Posted 24 days ago

Job Description

*LOCAL CHICAGOLAND CANDIDATES ONLY - THIS IS AN ONSITE ROLE AND DOES NOT OFFER RELOCATION*

Jr. SOC Engineer
Aqueity, a leading IT managed services provider, is looking for a skilled Jr. SOC Engineer to join our growing team. The Jr. SOC Engineer uses technical knowledge on a number of security technologies to analyze and respond to security threats from various security platforms and technologies.

Primary Duties and Responsibilities
  • Responsible for initial triage of incoming client issues.
  • Analyze and respond to security threats from various security platforms and technologies.
  • Support, troubleshoot, configure, manage, and upgrade Network Equipment/EDR/SIEM and a wide variety of other security products.
  • Perform network troubleshooting to isolate and diagnose common network problems, using strong TCP/IP networking skills.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed devices.
  • Respond in a timely manner (within documented SLA) to configuration, maintenance, incident management, and other requests.
  • Document actions in ticketing system to effectively communicate information internally and to customers.
  • Respond to needs and questions of customers concerning their access to network resources through their managed device.
  • Adhere to established MSS policies, procedures, and security practices.
  • Resolve problems independently and understand escalation procedures.
  • May be dispatched to customer sites to assist and/or facilitate repair or installation of supported products.
  • Perform other duties as assigned.

Required Education, Skills and Abilities
  • Associate's Degree or equivalent from two-year college or technical school in Information Technology, Information Security/Assurance, Engineering or related field of study; AND/OR at least two years of related experience and/or training (in addition to experience requirements below); or equivalent combination of education and experience required.
  • Minimum 6 months of experience in Information Security or Networking required.
  • Minimum 6 months of related experience and/or training in a technology environment required.
  • Technical knowledge on a number of security technologies required.
  • Solid understanding of information security and networking required.
  • Prior experience working in an IT managed services environment strongly preferred.
  • Extensive experience interacting with customers required.
  • Strong critical thinking and problem-solving skills required.
  • A passion for information security and data security required.
  • Detail oriented with strong organization skills required.
  • Customer service focus required with strong interpersonal skills including excellent written/verbal communication skills.

Salary Range: $62 - $72k

SOC Engineer Tier 2

27601 Raleigh, North Carolina INSPYR Solutions

Posted today

Job Description

Title: SOC Security Engineer Tier 2
Location: Raleigh, NC (HYBRID)
Duration: 6-month contract with potential extensions
Compensation: $50.00 - $56.00/hour
Work Requirements: US Citizen, GC Holders or Authorized to Work in the U.S.

SOC Security Engineer Tier 2
A SOC (Security Operations Center) Tier 2 Analyst plays a pivotal role in an organization's cybersecurity posture, handling complex security incidents and actively contributing to threat detection and response. This role requires a strong understanding of cybersecurity principles, incident response methodologies, and proficiency with security tools, particularly those from Cisco.

RESPONSIBILITIES
Incident Response and Analysis:
  • Conduct in-depth analysis of security incidents escalated from Tier 1.
  • Utilize advanced threat intelligence to thoroughly investigate potential breaches, including attack vectors, affected systems, and impact on business operations.
  • Perform forensic analysis on compromised systems and correlate events from various sources to build a comprehensive picture of the threat.
  • Implement containment and eradication strategies, such as isolating affected systems, blocking malicious IP addresses, or removing malware.
  • Coordinate incident response efforts across multiple teams, including IT, network engineers, and management.
  • Develop and update incident response playbooks based on lessons learned from investigations.
Security Monitoring and Optimization:
  • Monitor security dashboards, SIEM (Security Information and Event Management) platforms, and other security tools (including Cisco security products like Cisco Secure Endpoint, Cisco Secure Malware Analytics, and the Cisco SecureX platform) for suspicious activity.
  • Develop custom detection rules and correlation logic to improve threat detection capabilities.
  • Tune security tools and adjust processes to reduce false positives and improve efficiency.
  • Proactively hunt for threats that may have bypassed initial detection mechanisms.
Vulnerability Management and Remediation:
  • Conduct vulnerability assessments and assist in developing remediation plans.
  • Proactively update systems and ensure the latest patches are deployed.
Technical Leadership and Documentation:
  • Provide guidance and mentorship to Tier 1 SOC Analysts.
  • Create and maintain detailed documentation of incidents, investigations, and findings.
  • Communicate technical findings clearly to both technical and non-technical stakeholders.
  • Contribute to security architecture improvements and best practices development.
SKILLS & QUALIFICATIONS
Experience:
  • 2-5 years of experience in a security-related role, with at least 2-3 years as a Tier 2 SOC Analyst or Threat Hunter.
Technical Proficiency:
  • Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, firewalls, etc.).
  • Proficiency in using SIEM tools (e.g., Splunk, IBM QRadar, LogRhythm) and other security technologies (e.g., EDR, IDS/IPS, packet analyzers).
  • Hands-on experience with Cisco security products is highly valued.
  • Experience in handling security incidents and conducting forensic analysis.
  • Knowledge of scripting languages (e.g., Python, PowerShell) for task automation and data analysis.
  • Familiarity with the MITRE ATT&CK framework.
  • Knowledge of operating systems (Windows, Linux) and their security implications.
Soft Skills:
  • Excellent analytical and problem-solving abilities, including attention to detail.
  • Strong communication skills, both written and verbal, for reporting and collaborating with diverse teams.
  • Ability to work under pressure and adapt to a fast-paced environment.
  • A commitment to continuous learning and staying updated with evolving threats.
Education:
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience) is often preferred.
Certifications:
  • Consider industry certifications like CompTIA CySA+, GIAC Certified Incident Handler (GCIH), Cisco Certified CyberOps Associate, or similar credentials to validate your skills and knowledge in incident response, threat detection, and Cisco security technologies.
Our benefits package includes:
  • Comprehensive medical benefits
  • Competitive pay
  • 401(k) retirement plan
  • ...and much more!

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.

Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.

25-15452

Tier 2 SOC Engineer

27560 Morrisville, North Carolina Piper Companies

Posted 1 day ago

Job Description

Job Title: Tier 2 SOC Engineer

Location: Morrisville, NC (Hybrid)

Overview:

We're seeking a skilled Tier 2 SOC Engineer to join our cybersecurity team in Morrisville, NC. This hybrid role is ideal for someone passionate about threat detection and response, and who thrives in a collaborative environment. You'll work closely with our Splunk Engineer to dive deeper into threats and enhance our security posture.

Key Responsibilities:

  • Collaborate with the Splunk Engineers to investigate and analyze threats
  • Conduct proactive threat hunting across various platforms
  • Review and triage security alerts
  • Create and manage incident tickets
  • Utilize tools such as Splunk, Azure Defender, Office 365, and more
Required Skills & Experience:
  • Hands-on experience with Splunk and other SIEM tools
  • Familiarity with Azure Defender and Office 365 security features
  • Strong understanding of threat hunting methodologies
  • Ability to analyze alerts and respond to incidents effectively
  • Experience working in a SOC environment
Preferred Qualifications:
  • Certifications such as Security+, CEH, or similar
  • Experience with automation in ticketing or incident response workflows
  • Knowledge of scripting or programming for threat detection
Pay Rate: $45-$55 per hour

Benefits:
  • 20 PTO days annually
  • 11 federal holidays
  • Cigna healthcare coverage

Work Environment:

This is a hybrid role based in Morrisville, NC. You'll be part of a dynamic team focused on continuous improvement and proactive defense.

Sr Security Operations (SOC) Engineer

90006 Los Angeles, California Robert Half

Posted today

Job Description

Description
*Email (.com) for consideration*
Robert Half (Technology Solutions) is searching for a Sr. Security Operations (SOC) Engineer / Lead Incident Response with a background in Level 3 Escalated Incident Response, Splunk, Defender, EDR, XDR, Panorama, Palo Alto, and Senior-Level SOC Background. If this sounds like your background, then this Sr. Security Operations (SOC) Engineer / Lead Incident Response role is for you. For this opportunity, you will work remote/hybrid in Century City, CA area.
Position: Sr. Security Operations (SOC) Engineer / Lead Incident Response
Hours/Duration: 40 hrs/wk, M-F, PST Hours, CTH/FTE
Top Skills: Level 3 Escalated Incident Response, Splunk, Defender, EDR, XDR, Panorama, Palo Alto, Senior-Level SOC Background
Onsite/Remote: Remote/Hybrid
Company: Financial Service Enterprise
We are looking to present candidates immediately and this Sr. Security Operations (SOC) Engineer / Lead Incident Response position will not be open long. You can apply for this position today by sending your resume to (.com) or texting me at ( (email text-line). You can also connect with me on LinkedIn at (linkedin/in/brendan-steele-17770101/).
Notes:
- Monitor and respond to security incidents using tools like Splunk and Palo Alto Firewall.
- Investigate and manage security incidents, ensuring timely and effective resolution.
- Perform vulnerability assessments and utilize security tools to mitigate potential threats.
- Develop and refine operational procedures and documentation for the Security Operations team.
- Automate processes using scripting languages such as Python or PowerShell to enhance efficiency.
- Implement and manage Checkpoint and firewall technologies to strengthen network security.
- Apply configuration management practices to maintain secure and optimized systems.
- Leverage expertise in computer hardware to ensure secure and reliable system operations.
- Collaborate with teams to design and enforce robust security policies and protocols.
- Utilize endpoint protection and endpoint security solutions to safeguard network access.
Requirements:
- Minimum of 5 years of experience in Security Operations, with direct involvement in incident management and investigation.
- Proficiency in tools like Splunk, Palo Alto Firewall, CrowdStrike, Darktrace, and Microsoft Defender.
- Strong scripting skills in Python or PowerShell to automate tasks and improve workflows.
- Hands-on experience with firewall technologies and Checkpoint implementation.
- Knowledge of configuration management and computer hardware to support secure operations.
- Ability to design and document technical procedures and security protocols.
- Expertise in endpoint protection and security to mitigate risks effectively.
- Motivated, with strong problem-solving skills and the ability to think critically under pressure.
Technology Doesn't Change the World, People Do.®
Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.
Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app ( and get 1-tap apply, notifications of AI-matched jobs, and much more.
Robert Half will consider for employment qualified applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.
© 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use ( .

SOC Engineer Tier 1/2

22161 Springfield, Virginia Applied Information Sciences

Posted 24 days ago

Job Description

If you're seeking a sense of community and the ability for growth, look no further. Since 1982, we have been 100% dedicated to our people. Our approach permits greater ownership for individuals and welcomes input into decisions for a thriving workplace and happy employees. Our people are the core reason for AIS' success. As an employee-owned company, we are looking for individuals who are passionate about finding innovative solutions, and excited about emerging technologies and capabilities.

Introduction:

As a SOC Engineer Tier 1-2, you will use cutting-edge cloud technologies to ensure secure operations for our clients. Ensure that large-scale Azure and M365 environments are secure and that security events are quickly identified and resolved. Build comprehensive security alerts and monitoring tools and dashboards to gauge the operational security of system components. Implement innovation to improve the efficiency of Azure security related activities. Serve as point of escalation for challenging and complex security issue resolution. Join our team of security operations cloud professionals and accomplish what others only dream of.
Multiple shifts - Day, Swing, Night, Weekends/Holidays

Please note: This is an evergreen posting to collect resumes for future openings; there is no active position available at this time.

What You'll Be Doing

  • Review the environment scoping information and inventory to ensure a deep understanding of the organization's business, its applications, and technical solutions.

  • Be well versed in the areas of focus on the security roadmap and have an understanding of how they will be implemented and impact the work that the Security Operations Center staff will have to take up.

  • Provide the SOC with an understanding as to the mapping between IT & organization security and how it relates to the responsibilities and tasking that the SOC has.

  • Ensure that the SOC team is focusing on education based on preventative maintenance and roadmap capabilities.

  • Participate in audit reviews to ensure that gaps in coverage are being addressed by the SOC team.

  • Support the creation of reporting templates, explain how they are used and generated and the expectation regarding their cadence. Create a process where the reports are reviewed and feedback loops provide the ability to improve them.

  • Specialize in SIEM configuration and maintenance.

  • Responsible for building the security architecture and systems

  • Work with development operations teams to ensure that systems are up to date.

  • Document requirements, procedures, and protocols to ensure that other users have the right resources

  • Work with customers on complex operational issues

Location and Travel Details

Must be in the DC Metropolitan area as positions will be 100% onsite.

Security Clearance and Citizenship Requirements

TS/SCI with CI Polygraph is required

Skills required for this opportunity

  • 3+ years of experience in security engineering to operate M365 and Azure platforms

  • Security+ certification

  • Experience in Azure and M365 environments

  • Good experience in a variety of SOC engineering/ administration tools

  • Handles daily alerts, incidents; monitors, tracks, analyzes and records.

  • Work with other IT professionals to resolve fast-moving vulnerabilities such as spam, viruses, spyware and malware.

  • Monitor security vulnerability information from vendors and third parties.

  • Strong engineering analysis ability

Other applicable skills for this opportunity

  • Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products.

  • Work with vendors, outside consultants, and other third parties to improve information security within the organization.

  • Advanced Forensics skills to evaluate current malware and phishing threats.

  • Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite

  • Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.

  • Apply these capabilities to IaaS and PaaS services such as VMs, Azure Service Environment (ASE), Azure Kubernetes Service (AKS), Spring Cloud, Azure Virtual Desktop, etc.

  • MSFT certifications: SC-200, SC-900, AZ-900, AZ-500

Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.

SOC Engineer Tier 1/2

22107 McLean, Virginia Applied Information Sciences

Posted 24 days ago

Job Description

If you're seeking a sense of community and the ability for growth, look no further. Since 1982, we have been 100% dedicated to our people. Our approach permits greater ownership for individuals and welcomes input into decisions for a thriving workplace and happy employees. Our people are the core reason for AIS' success. As an employee-owned company, we are looking for individuals who are passionate about finding innovative solutions, and excited about emerging technologies and capabilities.

Introduction:

As a SOC Engineer Tier 1-2 you will use cutting-edge cloud technologies to ensure secure operations for our clients. Ensure that large-scale Azure and M365 environments are secure and that security events are quickly identified and resolved. Build comprehensive security alerts, monitoring tools and dashboards to gauge the operational security of system components. Implement innovation to improve the efficiency of Azure security related activities. Serve as the point of escalation for challenging and complex security issue resolution. Join our team of security operations cloud professionals and accomplish what others only dream of.
Multiple shifts - Day, Swing, Night, Weekends/Holidays

Please note: This is an evergreen posting to collect resumes for future openings; there is no active position available at this time.

What You'll Be Doing

  • Review the environment scoping information and inventory to ensure a deep understanding of the organization's business, its applications, and technical solutions.
  • Be well versed in the areas of focus on the security roadmap and have an understanding of how they will be implemented and impact the work that the Security Operations Center staff will have to take up.
  • Provide the SOC with an understanding as to the mapping between IT & organization security and how it relates to the responsibilities and tasking that the SOC has.
  • Ensure that the SOC team is focusing on education based on preventative maintenance and roadmap capabilities.
  • Participate in audit reviews to ensure that gaps in coverage are being addressed by the SOC team.
  • Support the creation of reporting templates, explain how they are used and generated and the expectation regarding their cadence. Create a process where the reports are reviewed and feedback loops provide the ability to improve them.
  • Specialize in SIEM configuration and maintenance.
  • Responsible for building the security architecture and systems
  • Work with development operations teams to ensure that systems are up to date.
  • Document requirements, procedures, and protocols to ensure that other users have the right resources
  • Work with customers on complex operational issues
Location and Travel Details

Must be in the DC Metropolitan area as positions will be 100% onsite.

Security Clearance and Citizenship Requirements

TS/SCI with CI Polygraph is required

Skills required for this opportunity
  • 3+ years of experience in security engineering to operate M365 and Azure platforms
  • Security+ certification
  • Experience in Azure and M365 environments
  • Good experience in a variety of SOC engineering/ administration tools
  • Handles daily alerts, incidents; monitors, tracks, analyzes and records.
  • Work with other IT professionals to resolve fast moving vulnerabilities such as spam, virus, spyware and malware.
  • Monitor security vulnerability information from vendors and third parties.
  • Strong engineering analysis ability
Other applicable skills for this opportunity
  • Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products.
  • Work with vendors, outside consultants, and other third parties to improve information security within the organization.
  • Advanced Forensics skills to evaluate current malware and phishing threats.
  • Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite
  • Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.
  • Apply these capabilities to IaaS and PaaS services such as VMs, Azure Service Environment (ASE), Azure Kubernetes Service (AKS), Spring Cloud, Azure Virtual Desktop, etc.
  • MSFT certifications: SC-200, SC-900, AZ-900, AZ-500

Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.

MXSIAM SOC Engineer (Unit 42)

95054 Santa Clara, California Palo Alto Networks

Posted today

Job Description

**Our Mission**
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.
**Who We Are**
We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contribute to our collective success. Our values were crowdsourced by employees and are brought to life through each of us every day - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.
As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!
**Your Career**
As a Unit 42 SOC Engineer at Palo Alto Networks (Unit 42) you will create custom detection rules with various security products and create playbooks (automations) for information security use cases.
You will work closely with our Unit 42 customer base to achieve their goal of maintaining great security on top of their entire security stack with XSIAM & Unit 42.
**Your Impact**
+ Develop information security and incident response workflows and procedures and deploy them as Cortex XSIAM correlation rules & playbooks
+ Work with customers worldwide on specific security product use cases, API documentation, playbooks & response options
+ Work with customers to understand their specific workflows to help automate procedures & responses on a large scale.
+ Write custom detection rules on top of various security products in Cortex XSIAM
**Your Experience**
+ Hands-on experience with as many information security tools as possible, such as SIEMs, FWs, EDR, sandboxes, vulnerability management, etc.
+ Incident response and malware analysis experience
+ Software development experience, preferably in Python.
+ Good understanding of SOC and information security management workflows in enterprise organizations
+ Great communication skills
+ Previous experience with Cortex XSOAR or other SOAR products preferred
+ Previous experience with Cortex XSIAM preferred
**The Team**
Unit 42 is the global threat intelligence team at Palo Alto Networks. We believe threat intelligence should be shared and available to all within the industry. We deliver high-quality, in-depth research on adversaries, malware families, and attack campaigns. Our analysts uncover and document adversary behaviors and then share playbooks that give insight into the various tools, techniques, and procedures threat actors execute to compromise organizations.
If you're looking for a career with access to the brightest minds in cybersecurity, you've found it. We have a hunger for researching, hunting out the world's newest threats and sharing them with our industry to make the digital world a safer place.
You will be part of a growing, passionate, and dynamic team with an opportunity to work on challenging and exciting projects - centered on what we believe is one of the most significant mission statements in the world. We also strive to be the most people-centric company ever! That means we're constantly working to make your experience amazing, and you are part of the team breaking boundaries of what the workplace can be!
**Compensation Disclosure**
The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $104,000 - $169,500/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.
**Our Commitment**
We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at .
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.