Senior Security Operations Engineer

Job Title

Senior Security Operations Engineer

Washington, DC

This is an onsite position. Place at NIGC Headquarters located at 550 12th Street SW, Washington, DC 20024.

Only US Citizen or Green Card candidate

• Architect, deploy, configure, administer, and maintain enterprise security operations tools and technologies in production environments.
• Manage and optimize Security Information and Event Management (SIEM) platforms including log ingestion, correlation rules, alert tuning, dashboard development, use-case creation, and operational monitoring.
• Deploy, administer, and maintain Endpoint Detection and Response (EDR) solutions to support endpoint visibility, threat detection, containment, and remediation activities.
• Configure and manage Intrusion Detection and Prevention Systems (IDS/IPS), network security monitoring tools, and threat detection technologies to identify and respond to malicious activity.
• Administer vulnerability management platforms, conduct authenticated and unauthenticated vulnerability scans, validate remediation activities, and support enterprise vulnerability reduction initiatives.
• Manage enterprise log management and security monitoring platforms, ensuring collection, normalization, retention, and analysis of security‑relevant telemetry across servers, endpoints, applications, cloud platforms, and network devices.
• Implement and support cloud security technologies across AWS, Azure, and/or Google Cloud environments, including cloud‑native monitoring, workload protection, identity security, and compliance monitoring capabilities.
• Perform hands‑on system integration, tool deployment, platform upgrades, patching, troubleshooting, and operational maintenance activities for security technologies.
• Develop detection engineering content including SIEM correlation rules, EDR detections, IOC‑based alerts, behavioral analytics, and automated response workflows.
• Support cyber operations activities including continuous monitoring, threat hunting, incident detection, containment, eradication, and recovery efforts.
• Collaborate with infrastructure, network, cloud, and application teams to integrate security controls and improve enterprise security posture.
• Create technical documentation, standard operating procedures, architecture diagrams, implementation guides, and operational runbooks.

• Demonstrated hands‑on experience implementing and operating enterprise cybersecurity tools in production environments.
• Strong operational experience with technologies such as:
  • SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, Arc Sight)
  • Vulnerability management tools (e.g., Tenable Nessus, Qualys, Rapid7)
  • Log management and monitoring solutions
  • SOAR and security automation platforms
  • Cloud security platforms and native cloud security tooling