JOB OVERVIEW:
MartinFed is seeking a highly experienced Security Operations Center (SOC) Engineer III to provide advanced cybersecurity monitoring, detection, analysis, and incident response support within a complex enterprise environment. The ideal candidate will serve as a senior technical resource responsible for engineering, optimizing, and maintaining security operations platforms while leading efforts to detect, investigate, and mitigate cybersecurity threats.
This role requires extensive experience in Security Operations Center (SOC) environments, security information and event management (SIEM) platforms, log aggregation, threat hunting, incident response, and security automation. The SOC Engineer III will collaborate with cybersecurity teams, system administrators, network engineers, and organizational leadership to strengthen the organization's security posture and ensure continuous monitoring of critical systems and infrastructure.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Lead security monitoring operations utilizing SIEM technologies, including Splunk and Cribl platforms.
- Design, implement, configure, and maintain enterprise security monitoring and logging solutions.
- Perform advanced threat detection, threat hunting, and incident analysis activities across enterprise networks and cloud environments.
- Investigate security alerts, incidents, and anomalies to determine root cause, impact, and remediation actions.
- Develop and maintain security use cases, correlation searches, dashboards, reports, and automated workflows.
- Engineer and optimize log collection, normalization, enrichment, and retention strategies.
- Support the deployment, administration, and optimization of Splunk Enterprise, Splunk Cloud, and Cribl environments.
- Develop security content to improve detection capabilities for emerging cyber threats and adversarial tactics.
- Lead incident response activities and coordinate containment, eradication, recovery, and lessons learned efforts.
- Conduct security assessments and identify opportunities to improve monitoring, visibility, and operational effectiveness.
- Collaborate with cloud, network, and systems engineering teams to integrate security controls and monitoring solutions.
- Develop operational procedures, technical documentation, and standard operating procedures (SOPs).
- Provide technical leadership and mentorship to junior SOC analysts and engineers.
- Generate executive-level reports, metrics, and briefings regarding security incidents, trends, and organizational risk.
- Support compliance initiatives, audits, and security assessments in accordance with federal cybersecurity requirements.
- Stay current on emerging threats, attack techniques, and cybersecurity technologies to enhance defensive capabilities.
REQUIRED QUALIFICATIONS:
- United States Citizen with a DoD Secret clearance.
- Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a closely related technical field. Relevant experience may be considered in lieu of degree requirements.
- Minimum of 10 years of experience performing IT Security Operations in enterprise or government environments.
- Demonstrated experience supporting Security Operations Centers (SOCs), Cyber Defense Operations, or Security Monitoring Programs.
- Advanced experience administering, engineering, and supporting Splunk Enterprise and/or Splunk Cloud environments.
- Experience implementing and maintaining log management, SIEM, and security analytics platforms.
- Strong knowledge of incident response, threat hunting, digital forensics, malware analysis, and vulnerability management.
- Experience with cloud security monitoring and AWS security services.
- Knowledge of cybersecurity frameworks and standards, including:
  - NIST Cybersecurity Framework (CSF)
  - NIST 800 Series
  - Risk Management Framework (RMF)
  - FISMA
  - Security Technical Implementation Guides (STIGs)
  - MITRE ATT&CK Framework
- Strong understanding of network security, endpoint security, identity and access management, and security architecture.
- Experience developing security dashboards, correlation searches, alerts, reports, and automation workflows.
- Excellent analytical, troubleshooting, communication, and leadership skills.
PHYSICAL REQUIREMENTS & ENVIRONMENTAL CONDITIONS:
- Inside office environment.
- Working on a computer for long periods of time.
- May involve long periods of sitting at a desk.
- The work environment is fast-paced and sometimes involves extreme deadline pressures.
OTHER DUTIES:
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.