Key skills
AWSAzureCloudGoogle Cloud PlatformSplunkGCPGoogle CloudCommunication
About this role
Role Overview
- Act as the primary technical escalation point for complex operational issues across SIEM and continuous monitoring programs, ensuring quick and effective resolutions.
- Maintain and optimize critical security systems, including SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel), vulnerability management and scanning tools (e.g., Nessus, Qualys, Tenable), and Anti-Virus/EDR solutions (Trend Micro Deep Security Manager, Microsoft Defender, Crowdstrike).
- Oversee continuous monitoring activities for FedRAMP and other compliance programs, including vulnerability scanning, configuration management, security control validation, and compliance artifact generation.
- Monitor and improve the team's use of automation and monitoring tools to drive operational efficiency across both SIEM and vulnerability management workflows.
- Analyze and resolve system performance issues, ensuring compliance with FedRAMP, SOC, HIPAA, and other security/operational standards.
- Participate in incident response, threat hunting, and post-mortem analysis to identify root causes and prevent recurrence.
- Manage a team of engineers across SIEM operations and continuous monitoring (vulnerability management) functions, fostering a high-performing and engaged team culture.
- Mentor and support the professional growth of engineers through training, feedback, and career development planning.
- Assist with hiring, onboarding, and retention to ensure team stability and growth.
- Oversee day-to-day delivery of security services, ensuring operational consistency and high-quality outcomes for both SIEM and continuous monitoring programs.
- Track and optimize key metrics such as incident response times, vulnerability remediation rates, false positive reduction, operational efficiency, and compliance posture.
- Develop and refine processes for incident response, vulnerability remediation, continuous monitoring reporting, and compliance documentation.
- Work with cross-functional teams, including consulting teams, SREs, and professional services teams, to improve service delivery and client satisfaction.
Requirements
- 7+ years of hands-on experience in technical roles, such as engineering or operations.
- Proven ability to manage operational processes and handle escalations.
- Experience balancing individual contributor work with team oversight.
- Strong technical expertise with SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel) and vulnerability management tools (e.g., Nessus, Qualys, Tenable).
- Deep understanding of continuous monitoring requirements for FedRAMP, including OSCAL, POA&M management, and automated security control validation.
- Proven ability to troubleshoot and resolve complex technical issues in high-pressure environments across both threat detection and vulnerability management domains.
- Hands-on experience with cloud platforms (AWS, Azure, or GCP) and their associated security practices, including cloud-native vulnerability scanning and CSPM tools.
- Solid understanding of security compliance frameworks (e.g., FedRAMP, SOC, HIPAA, NIST 800-53).
- Ability to mentor and guide team members while contributing to technical solutions.
- Strong written and verbal communication skills, particularly in documenting technical insights and creating compliance artifacts.
- Bachelor’s degree (four-year college or university) or a equivalent work experience.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Splunk
Benefits
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support membership
- comprehensive insurance options