Principal Security Operations Intregration Engineer

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

Full Time Tysons, VA, US

4 days ago Requisition

Merlin Group operates at the intersection of cyber innovation, national security, and technology-driven transformation. With a mission to accelerate the adoption of high-impact technologies across the U.S. public sector and regulated commercial markets, Merlin is uniquely structured around three core tenets – Invest, Enable, and Scale – each designed to address a specific stage of the technology lifecycle. Together, our affiliates – Merlin Ventures, CGC, and Merlin Cyber – form a flywheel that builds enduring capability for customers, partners, and the broader cyber ecosystem, operationalizing technological advancement into mission-ready, enterprise-grade solutions.

At Merlin, we believe our strength lies in our people. Team members are encouraged to be creative, collaborative, and nimble, pursuing paths to deliver the cutting‑edge cybersecurity solutions that our customers rely on. From next‑generation cyber defense to secure cloud and AI, we are united by one purpose – transforming innovation into mission impact.

We’re looking for a Principal Security Operations Integration Engineer to lead the technical security onboarding of SaaS vendors onto our platform. You’ll evaluate vendor architectures, identify risks and attack paths, define the logs and scans we need, and build the detections that keep our platform secure.

You’ll work closely with engineering teams and our SOC to design monitoring pipelines, configure logging across AWS, Azure, and GCP environments, and ensure every vendor meets FedRAMP continuous monitoring requirements.

If you love building scalable detections, working directly with product and engineering teams, and helping cloud vendors operate securely, this is the role for you. This is a remote position.

• Review SaaS vendor architectures and identify threats, attack vectors, and monitoring gaps.
• Communicate with customers to better understand their architecture and processes.
• Define and guide required logging and scanning coverage across AWS, Azure, and GCP
  .
• Author high‑quality detections mapped to MITRE ATT&CK and aligned with NIST 800‑53 controls.
• Partner with Engineering to ingest, configure, and validate logs and telemetry from new vendors.
• Establish scanning coverage across web applications, apis, containerized workloads, and virtual machines.
• Build reusable onboarding frameworks and documentation for the continuous monitoring.
• Support SOC with detection tuning, triage guidance, and onboarding‑related escalations.
• Contribute to CGC’s continuous monitoring strategy and FedRAMP/State
  
  RAMP compliance requirements.

• 7+ years in detection engineering, security architecture, or advanced SOC/IR roles.
• Strong experience with cloud logs, detections, and threat modeling in AWS, Azure, or GCP environments
  .
• Hands‑on experience with:
• SIEM/SOAR (Splunk preferred)
• Container/SCA scanning (Black Duck, Trivy)
• Infrastructure scanning (Tenable or similar)
• Ability to translate complex technical requirements into scalable onboarding workflows.
• Excellent communication and collaboration skills with engineering teams and customers.
• Master’s degree or equivalent certifications (CISSP, GCIH, Cloud Security certs, etc.).

• Commitment to personal and professional integrity and respect for others.
• Roll‑up‑your‑sleeves attitude and low‑ego approach.
• Commitment to teamwork and professional relationship development.
• Passion for lifelong learning, growth, and development.
• Flexible and nimble; comfortable with ambiguity and rapid change.
• Strong communication and functional project management skills.
• Desire to innovate, try new things, and creatively explore novel solutions to business challenges.
• Professional and respectful approach to the diversity of thought, action, identity, and attributes.

We want to empower and inspire employees to be and do their best. Our workdays are dynamic, collegial, and fun. Our office features multiple places to work unconstrained by typical office barriers. Our wellness package provides access to an on‑site gym and includes medical, dental, and vision insurance along with options for FSA and EAP. We offer 401(k) with employer match, unlimited PTO, and a culture respectful of the reality that not everything in one’s personal life is guaranteed to happen only after hours.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.