CSOC Security Engineer

The Norland Group is seeking an experienced Security Engineer to support a Cybersecurity Operations Center for a large public sector client. This role involves performing security audits, conducting application-level security testing, and collaborating with development and operations teams to ensure secure system design.

Responsibilities:

• Perform security audits, risk analysis, and vulnerability assessments
• Conduct application-level security testing and code reviews
• Develop and implement technical solutions to mitigate security vulnerabilities
• Investigate and research emerging threats and new attack vectors
• Collaborate with development and operations teams to ensure secure system design
• Support SOC operations including alert triage and incident investigation
• Contribute to enhancing data privacy and system security posture

Requirements:

• Minimum 10+ years of experience in cybersecurity / security engineering
• Strong experience in securing applications and safeguarding sensitive data
• Solid understanding of white-hat hacking and core computer science concepts
• Must-Have (Recent Hands-On Experience)
• CrowdStrike – alert triage and event investigation (within last 2–3 years)
• Elastic Security / ELK – alert handling and analysis (within last 2–3 years)
• SecureWorks (or similar SIEM) – alert triaging experience
• Cribl (or similar) – administration / daily operations (last 1–2 years)
• Microsoft Defender for Identity (or similar) – Investigating phishing emails, Handling high-risk user activity
• SOC Operations & Alert Triage
• Incident Response & Threat Hunting
• SIEM / EDR / Log Analysis
• Vulnerability Management & Risk Mitigation
• Security Engineering & Detection Capabilities
• Bachelor's degree in IT, Computer Science, Engineering, or related field (Equivalent experience may be considered in place of degree)
• Must be comfortable working graveyard shift & weekends