Job Description

Everforth ECS is seeking a Senior Security Engineer to work remotely.

At Everforth ECS Federal, we're driven by a commitment to excellence and innovation in solving complex challenges. As a premier provider of advanced technology solutions and services, our mission is to secure and optimize the most critical commercial, government, defense, and intelligence projects across the country. Our team is composed of dynamic professionals who thrive in a collaborative and empowering environment, where our team members leverage the latest technologies and insights to make a real-world impact. Join us and be part of a forward-thinking organization that values your expertise and supports your professional growth.

The Senior Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with the Security Engineering Manager, SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Senior Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization’s cybersecurity posture.

Responsibilities

• Security Platform Administration: Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies.

• Security Telemetry Integration: Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms.

• Detection Engineering: Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives.

• SIEM Data Management: Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection.

• Security Automation Support: Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times.

• Investigation Support: Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities.

• Platform Integration: Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment.

• Operational Monitoring: Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines.

• Technical Documentation: Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations.

• Continuous Improvement: Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC.

Education Requirements

• Bachelor’s degree in computer science, information security, or a related field. Will consider experience in lieu of a degree.

Physical Demands

• While performing the duties of this job, the employee is regularly required to sit at a desk and use a computer for extended periods.

• The position is generally sedentary but may require walking or standing for brief periods of time.

• Employee may occasionally be required to move, carry, push, pull and/or lift objects up to 10 pounds.

Work Environment

• Job is performed in an office place setting.

• The noise level in the work environment is generally very low with minimal background noise.

• Comfortable climate control and adequate lighting.

Qualifications

• Experience: Minimum of 5–8 years of cybersecurity or security engineering experience supporting enterprise security operations environments.

• Security Engineering Experience: Hands-on experience supporting enterprise security monitoring technologies including SIEM, EDR, and log management platforms.

• Detection Engineering Knowledge: Experience creating, tuning, and maintaining detection content and alerting logic.

• Security Telemetry Experience: Familiarity with log collection, normalization, and telemetry integration across enterprise environments.

• Security Automation Experience: Experience implementing or supporting automation workflows within SOC or incident response operations.

• Enterprise Security Knowledge: Strong understanding of enterprise infrastructure, cloud environments, identity systems, and network security monitoring.

• Security Framework Knowledge: Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO 27001.

Other Requirements of the position include:

• Able and willing to obtain a US Security Clearance.

• On-Call Support: Participates in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.