Senior Network Security Operations Center (SOC) Engineer (Federal) in Arlington
Role details
Job location
Tech stack
Job description
We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.
Job DescriptionJob Description
We support mission-critical federal environments with advanced cybersecurity engineering and operational excellence. Our team safeguards security infrastructure through proactive defense strategies, automation, and secure-by-design principles. We value innovation, accountability, of thought, and a strong bias for action.
If you are a security builder not just a monitor this role is designed for you., We are seeking a Senior Network Security Operations Center (SOC) Engineer to serve as a technical leader within our Federal Security Operations program. This is not a passive monitoring role. You will proactively hunt threats, optimize enterprise security tooling, and engineer resilient defensive architectures to outpace sophisticated adversaries.
This position bridges rigorous federal compliance frameworks (FISMA, NIST, TIC 3.0) with high-performance security engineering to ensure our security stack is deeply integrated, finely tuned, and operationally effective.
Key ResponsibilitiesSecurity Stack Ownership & Engineering
- Lead optimization of SIEM, EDR, XDR, and Next- Firewall platforms
- Manage integration across disparate systems to ensure seamless data flow and visibility
- Enhance telemetry, log pipelines, and detection logic for maximum operational efficiency
Proactive Threat Hunting
- Develop hypothesis-driven threat hunting strategies across on-prem and cloud environments
- Identify stealthy persistence mechanisms, lateral movement, and advanced attack patterns
- Map findings to the MITRE ATT&CK framework for reporting and intelligence enrichment
Advanced Incident Response (Tier 3 Escalation)
- Serve as the senior escalation point for complex security incidents
- Perform deep packet inspection (PCAP analysis), TLS/SSL decryption review, and memory forensics
- Lead containment, eradication, and root cause analysis efforts
Automation & Orchestration (SOAR)
- Design and maintain SOAR playbooks using Python or Bash
- Automate triage, enrichment, and remediation workflows
- Reduce Mean Time to Respond (MTTR) and mitigate analyst fatigue
Federal Compliance & Secure-by-Design Implementation
- Implement NIST 800-53 controls within operational workflows
- Support TIC 3.0 architecture alignment
- Champion phishing-resistant MFA, SSO, and audit logging best practices
- Maintain continuous compliance without sacrificing operational velocity
Requirements
- Expert-level experience with SIEM platforms (e.g., Splunk Enterprise Security)
- Advanced EDR/XDR experience (e.g., CrowdStrike, Microsoft Defender)
- Hands-on configuration and management of Next- Firewalls (e.g., Palo Alto)
- Familiarity with consolidated AI-driven SOC platforms (e.g., Cortex XSIAM) highly desirable
Network & Protocol Mastery
- Deep understanding of TCP/IP, DNS, TLS/SSL
- Ability to analyze and interpret PCAP data
- Experience with encrypted traffic inspection and advanced network telemetry
Infrastructure & Systems
- Strong Linux and Windows administration background
- Security-first systems hardening and baseline management
- Cloud security exposure (AWS/Azure Gov environments)
Analytical & Reporting Skills
- Ability to translate technical vulnerabilities into executive-level insights
- Experience aligning detections to MITRE ATT&CK
- Strong documentation and briefing capabilities, * Experience: 7+ years in high-stakes Network Security within Federal environments
- Education: Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience
- Certifications (Required): CISSP, CASP+, GCIH, or other qualifying IAT Level III / IAM Level II certification
- Clearance: Active Top Secret (TS), eligible for SCI
