Job
Title:
Senior Security Operations Engineer

Location:
Washington, DC

Note:
This is an onsite position Place at NIGC Headquarters located at 550 12th
Street SW, Washington, DC 20024

Work
Authorization: Only US Citizen or Green Card candidate

• 
  The
  Senior Security Operations Engineer is responsible for architecting,
  implementing, configuring, administering, tuning, and operationally managing
  enterprise cybersecurity technologies within complex production environments.
• 
  This role requires extensive hands-on technical experience supporting cyber
  operations and maintaining operational security platforms across on-premises,
  hybrid, and cloud infrastructures.

Key
Responsibilities

•
Architect, deploy, configure, administer, and maintain enterprise security
operations tools and technologies in production environments.

•
Manage and optimize Security Information and Event Management (SIEM) platforms
including log ingestion, correlation rules, alert tuning, dashboard
development, use-case creation, and operational monitoring.

•
Deploy, administer, and maintain Endpoint Detection and Response (EDR)
solutions to support endpoint visibility, threat detection, containment, and
remediation activities.

•
Configure and manage Intrusion Detection and Prevention Systems (IDS/IPS),
network security monitoring tools, and threat detection technologies to
identify and respond to malicious activity.

•
Administer vulnerability management platforms, conduct authenticated and
unauthenticated vulnerability scans, validate remediation activities, and
support enterprise vulnerability reduction initiatives.

•
Manage enterprise log management and security monitoring platforms, ensuring
collection, normalization, retention, and analysis of security-relevant
telemetry across servers, endpoints, applications, cloud platforms, and network
devices.

•
Implement and support cloud security technologies across AWS, Azure, and/or
Google Cloud environments, including cloud-native monitoring, workload
protection, identity security, and compliance monitoring capabilities.

•
Perform hands-on system integration, tool deployment, platform upgrades,
patching, troubleshooting, and operational maintenance activities for security
technologies.

•
Develop detection engineering content including SIEM correlation rules, EDR
detections, IOC-based alerts, behavioral analytics, and automated response
workflows.

•
Support cyber operations activities including continuous monitoring, threat
hunting, incident detection, containment, eradication, and recovery efforts.

•
Collaborate with infrastructure, network, cloud, and application teams to
integrate security controls and improve enterprise security posture.

•
Create technical documentation, standard operating procedures, architecture
diagrams, implementation guides, and operational runbooks.

Required
Technical Experience

•
Demonstrated hands-on experience implementing and operating enterprise
cybersecurity tools in production environments.

•
Strong operational experience with technologies such as:

• 
  SIEM
  platforms (e.g., Splunk, Microsoft Sentinel, QRadar, ArcSight)
• 
  EDR
  platforms (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint,
  SentinelOne)
• 
  IDS/IPS
  technologies (e.g., Snort, Suricata, Palo Alto, Cisco Firepower)
• 
  Vulnerability
  management tools (e.g., Tenable Nessus, Qualys, Rapid7)
• 
  Log
  management and monitoring solutions
• 
  SOAR
  and security automation platforms
• 
  Cloud
  security platforms and native cloud security tooling

About Us:

​