Security Monitoring SME

Basic Qualifications:

• Bachelor’s degree and 8 years of experience or 12 years of experience with a HS Diploma/equivalent.
• Must have at least one Certifications form the following: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), CISSP-ISSAP, CISSP-ISSEP, GCED, or GCIH.
• Expertise with cloud platforms (IaaS, PaaS, SaaS) and security monitoring tools.
• Strong knowledge of SIEM technologies, log aggregation, and incident response lifecycle.
• Proven ability to analyze network and endpoint activity to determine threat impact and scope.
• Excellent communication and organizational skills in high-tempo environments.
• Must be a US Citizen.
• Must be able to obtain and maintain the required agency clearance.

• Hands-on experience with cloud-native security tools (AWS Cloud Trail, Azure Sentinel, etc.).
• Knowledge of malware behavior, network traffic analysis, and system hardening.
• Experience creating SOC runbooks, detection rules, and playbooks.
  
  Ability to brief executive leadership on threats and security posture.

We are seeking an experienced Security Monitoring SME to provide expert-level support in a 24x7x365 cybersecurity operations environment. The ideal candidate will lead efforts in cloud and network monitoring, threat detection, incident response, and cyber defense strategy.

• Provide SME-level support for security and cloud monitoring across hybrid environments.
• Lead analysis and response for cybersecurity incidents and alerts.
• Develop and fine-tune monitoring content, dashboards, and detections.
• Perform advanced threat and log analysis using SIEM, EDR, and forensic tools.
• Correlate data from multiple sources to identify potential threats and vulnerabilities.
  
  Coordinate response efforts and brief leadership during significant incidents.
• Conduct after-action reviews and produce clear incident and intelligence reports.
• Mentor analysts and develop training programs to enhance monitoring capabilities.