Security Operations Center Engineer

SECURITY OPERATIONS CENTER ENGINEER -

The State Personnel System is an E-Verify employer. For more information click on ourE-Verify Website .

Requisition No:867366

Agency:
Management Services

Working Title:

SECURITY OPERATIONS CENTER ENGINEER -

Security Operations Center (SOC) Engineer
Florida Digital Service
State of Florida Department of Management Services
This position is located in Tallahassee, FL

The SOC Engineer supports the design, maintenance, and continuous improvement of security engineering capabilities across the Florida Digital Service (FLDS). This role ensures the reliability, fidelity, and effectiveness of the Security Lake, telemetry pipelines, and related cybersecurity platforms that enable SOC operations. The SOC Engineer works closely with the Security Engineering Lead, other engineering staff, SOC Team Leads, and SOC Analysts to integrate log sources, tune sensors, maintain tool uptime, and support analytic workflows.

This position ensures that the technical foundations required for threat detection, monitoring, and analysis remain accurate, efficient, and resilient.

• Maintain baseline configurations and assist with deployment and monitoring of tool integrations across Security Lake, Operations platform, CTI platform, and other enterprise security platforms.
• Configure, tune, and validate sensors, agents, connectors, and ingestion pipelines to ensure consistent and accurate telemetry flow.
• Troubleshoot ingestion issues, schema mismatches, logging failures, and other engineering problems affecting SOC operations.
• Support coordination of engineering activities with the Security Engineering Lead and collaborate with SOC Team Leads to align engineering support with analyst needs.
• Participate in briefings, interagency technical discussions, and enterprise coordination activities as assigned.
• Collaborate across teams on cross-functional initiatives while ensuring engineering contributions align with shared objectives.

• Monitor ingestion health, schema alignment, and event fidelity across AWS Security Lake and integrated log sources.
• Validate telemetry accuracy and resolve gaps or inconsistencies reported by analysts or identified during engineering checks.
• Ensure adherence to schema standards and normalization requirements for all data flowing into Security Lake.
• Support onboarding, documentation, and lifecycle management of new log sources.

• Ensure complete and accurate documentation of engineering work, including configuration changes, integrations, and troubleshooting procedures.
• Analyze ingestion patterns, telemetry quality, and historical engineering issues to identify systemic weaknesses or opportunities for improved system performance.
• Support continuous improvement by refining ingestion logic, engineering SOPs, and automation workflows.
• Contribute to engineering performance measurement, maturity roadmap execution, and automation efforts as directed.

• Provide engineering support to CSOC by addressing telemetry gaps, correcting ingestion issues, and optimizing data sources needed for monitoring and analysis.
• Implement technical fixes based on analyst feedback, including adjustments to log sources, connectors, and system parameters.
• Assist analysts by enabling access to logs, resolving ingestion or query issues, and ensuring the tools function consistently and effectively.

Knowledge

• Understanding of cloud application platforms, cloud concepts, or cloud security fundamentals.
• Understanding of database querying languages such as SQL.
• Familiarity with logging pipeline concepts, including normalization, parsing, schema standards, and log source onboarding.
• Familiarity with enterprise security tools, sensors, agents, or connectors (EDR, network sensors, cloud telemetry, etc.).
• Knowledge of various industry-standard cybersecurity frameworks: NIST CSF 2.0 – Identify, Protect, Detect, Respond, Recover, and Govern; ISO 27001, CIS Controls Top 18

• Excellent analytical and technical skills.
• Strong communication skills…