Senior Security Operations Center Engineer

Vizient, Inc.
Chicago, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 156K

Job location

Chicago, United States of America

Tech stack

Java
Microsoft Windows
Amazon Web Services (AWS)
Application Integration Architecture
Azure
C Sharp (Programming Language)
Cloud Computing
Cloud Computing Security
CompTIA Security+
Computer Security
Query Languages
Linux
Identity and Access Management
Intrusion Detection and Prevention
JSON
Python
Microsoft Security Essentials
Powershell
Kusto Query Language
Security Information and Event Management
Software Engineering
SQL Databases
Systems Integration
Software Vulnerability Management
YAML
Scripting (Bash/Python/Go/Ruby)
Enterprise Software Applications
Cloud Platform System
Software Security
Mitre Att&ck
QRadar
Cyber Threat Analysis
Infrastructure Automation Frameworks
Information Technology
Cybercrime
Microsoft Sentinel
CIS Benchmarks
Cyber Warfare
Splunk
Security Orchestration, Automation & Response
Programming Languages

Job description

In this role, you will serve as the technical leader for Security Operations Center (SOC) engineering, responsible for designing, implementing, and continuously improving the organization's security monitoring, detection, incident response, and automation capabilities. You will lead engineering initiatives that strengthen cyber defense, improve threat detection, reduce analyst workload through automation, and enhance the overall maturity of security operations. You will partner closely with Security Operations, Infrastructure, Cloud, Identity, Application Security, Threat Intelligence, and Vulnerability Management teams to ensure security technologies are effectively integrated and aligned with business objectives. You will also mentor SOC analysts and junior engineers while driving strategic security initiatives across the enterprise., * Design, implement, optimize, and maintain enterprise security monitoring and detection capabilities.

  • Develop and maintain SIEM detections, correlation rules, analytics, dashboards, and threat intelligence integrations.
  • Engineer, administer, and optimize SIEM, SOAR, EDR/XDR, and cloud security platforms.
  • Develop security automation playbooks that reduce manual analyst effort and improve incident response efficiency.
  • Lead technical investigations during cybersecurity incidents and implement post-incident improvements to strengthen security posture.
  • Conduct proactive threat hunting activities and develop reusable threat hunting content.
  • Collaborate with Infrastructure, Cloud, Identity, Application Security, and Vulnerability Management teams to integrate security controls across the enterprise.
  • Mentor SOC analysts and junior engineers by providing technical guidance, coaching, and engineering best practices.
  • Participate in the Security Operations Center on-call rotation and respond to high-priority security incidents outside normal business hours.
  • Provide technical leadership during major security incidents and assist with incident response coordination.
  • Continuously evaluate emerging security technologies and recommend improvements to enhance security operations capabilities.
  • Support initiatives that improve SOC maturity, operational efficiency, and overall cyber resilience.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Software Engineering, or a related technical field, or equivalent practical experience.

  • 5+ years of experience designing, implementing, integrating, or supporting complex enterprise technology or cybersecurity solutions.

  • Experience working within a Security Operations Center (SOC) or cybersecurity engineering environment.

  • Experience administering one or more SIEM platforms such as Microsoft Sentinel, Splunk, IBM QRadar, or similar technologies.

  • Experience with EDR/XDR platforms such as Microsoft Defender XDR or equivalent endpoint security technologies.

  • Experience with SOAR platforms and security workflow automation.

  • Experience developing scripts or automation using Python, PowerShell, C#, Java, or similar programming languages.

  • Strong understanding of Windows, Linux, networking, identity management, cloud technologies, and enterprise infrastructure.

  • Experience integrating APIs and automating enterprise security processes.

  • Strong analytical, troubleshooting, and problem-solving skills.

  • Excellent written and verbal communication skills with the ability to explain technical concepts to both technical and non-technical audiences.

  • Ability to participate in the team's rotating on-call schedule.

  • Experience securing Azure, AWS, Microsoft 365, or other cloud environments.

  • Experience with threat hunting methodologies and threat intelligence integration.

  • Knowledge of MITRE ATT&CK, NIST Cybersecurity Framework, CIS Controls, and other industry security frameworks.

  • Experience creating SIEM detections using Kusto Query Language (KQL), Splunk Processing Language (SPL), SQL, or similar query languages.

  • Familiarity with JSON, YAML, and infrastructure automation.

  • Relevant cybersecurity certifications such as CISSP, GIAC (GCIA, GCIH, GMON), Microsoft Security certifications, Splunk certifications, or comparable industry certifications.

  • Experience mentoring engineers or leading technical security initiatives.

Benefits & conditions

At Vizient, we consider skills, experience, and organizational needs in our compensation approach. Geographic factors may adjust the range estimate and hires typically fall below the top range. Compensation decisions are tailored to individual circumstances. The current salary range for this role is $88,900.00 to $155,500.00.

This position is also incentive eligible.

Vizient has a comprehensive benefits plan! Please view our benefits here

Apply for this position