Allied Consultants

Security Operations Engineer

Allied Consultants$90K — $120K *
Information Technology
5 - 7 years of experience

Qualifications

  • 5 years of SOC operations experience.
  • Hands-on expertise with IDS/IPS platforms (Cisco Firepower and TippingPoint) for signature tuning and threat detection.
  • Advanced skills in packet capture (pcap) and network analysis (Corelight, NetWitness) for identifying anomalies.
  • Experience in maintaining and tuning EDR platforms (CrowdStrike Falcon and SentinelOne).
  • Proven ability to apply threat intelligence in practical settings.

Responsibilities

  • Engineer and optimize SIEM platforms, enhancing correlation rules and detection content.
  • Configure and tune IDS/IPS technologies to reduce false positives.
  • Conduct packet capture analysis to identify malicious traffic and validate alerts.
  • Perform network traffic analysis to spot anomalies and command-and-control activity.
  • Operationalize threat intelligence feeds within SOC platforms for better detection logic.
  • Continuously refine detection content based on intelligence insights to enhance alert accuracy.
  • Collaborate with SOC operations team to provide detection engineering and log onboarding.

Benefits

  • Opportunities for professional development and certifications on-site.
  • Engagement with cutting-edge security technologies and tools.
  • Collaboration in a dynamic team environment.
  • Potential involvement in statewide cybersecurity initiatives.
  • Flexible work arrangements, fostering work-life balance.
Full Job Description
Overview

Texas GovLink, Inc. is an Austin-based firm that has been a leading provider of technical and business professionals to clients in Texas. We are currently seeking an experienced Security Operations Engineer to be a key resource on a technical services team.

Responsibilities
  • Engineer, maintain, and tune SIEM platforms (Google SecOps, Gravwell), including correlation rules, dashboards, enrichment logic, and detection content.
  • Configure, tune, and optimize IDS/IPS technologies (Corelight, TippingPoint, Cisco Firepower), including signature development and false-positive reduction.
  • Perform packet capture (pcap) analysis to validate alerts, identify malicious traffic, and support investigations using NetWitness or Corelight.
  • Conduct network traffic analysis to detect anomalies, lateral movement, and command-and-control activity.
  • Maintain a strong understanding of network security architecture, including distributed sensors (Corelight), packet capture systems (NetWitness), and log pipelines (CRIBL, Gravwell, Google SecOps).
  • Operationalize threat intelligence feeds within SOC platforms and for customers, converting indicators into detection logic, correlation rules, and automated enrichment workflows.
  • Continuously tune detection content based on intelligence-driven insights, improving alert fidelity and reducing false positives across statewide monitoring.
  • Develop and maintain orchestration playbooks within Cyware, integrating SIEM, EDR, threat intelligence, and ticketing systems to support statewide monitoring expansion and rapid incident handling.
  • Support SOC operations by providing detection engineering, log onboarding, and data normalization.
  • Develop and maintain network security monitoring infrastructure, including sensors, collectors, and log pipelines.
  • Collaborate with Incident Responders to provide network-level evidence, context, and threat validation.
  • Produce engineering reports, tuning documentation, and platform health assessments.
  • Implement detection logic aligned with MITRE ATT&CK, threat intelligence, and emerging adversary behaviors.
  • Produce engineering documentation, tuning reports, platform health assessments, and detection coverage maps using data from Firepower, TippingPoint, Corelight, NetWitness, Microsoft Sentinel, and Google SecOps.
Qualifications

Minimum Requirements: Candidates who do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

Years | Required/Preferred | Experience
------|--------------------|-----------
5     | Required           | SOC operations experience
5     | Required           | Hands-on experience with IDS/IPS platforms, specifically Cisco Firepower and TippingPoint, including signature tuning, false-positive reduction, and threat-driven detection improvements.
5     | Required           | Advanced packet capture (pcap) and network analysis skills using Corelight, NetWitness, and CRIBL pipelines to identify anomalies, malicious traffic, and lateral movement.
5     | Required           | Experience maintaining and tuning EDR platforms, including CrowdStrike Falcon and SentinelOne, and integrating EDR telemetry into SIEM and orchestration workflows.
5     | Required           | Threat intelligence application expertise
5     | Required           | Develop detection logic aligned with adversary TTPs
6     | Preferred          | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic.
5     | Preferred          | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic.
5     | Preferred          | Perform packet-level analysis to validate alerts and identify malicious activity
5     | Preferred          | Serve as an escalation point for SOC analysts, supporting other SOC analysts and incident responders with enriched network-level intelligence
5     | Preferred          | Proficiency with Google SecOps and Cyware (SOAR) orchestration, including building automated workflows that integrate SIEM, IDS/IPS, EDR (CrowdStrike, SentinelOne), threat intelligence, and Jira ticketing for SOC automation
4     | Preferred          | Security certifications preferred (CISSP, CEH, GISF, GSEC, CySA+, Sec+)

About Allied Consultants

Allied Universal is an American provider of security systems and services; janitorial services; and staffing. The company was formed in 2016 by the merger of Santa Ana, California-based security and janitorial services company Universal Services of America, and Conshohocken, Pennsylvania-based security firm AlliedBarton Security Services. At the time of the merger, the combined company was reportedly the largest provider of security guards in the United States, with 140,000 trained officers between the two companies. In October 2021, Allied Universal completed a $5.1 billion takeover of British security firm G4S, creating a combined company of 800,000 employees, with revenues of more than $18 billion USD. The company maintains two corporate headquarters, one is in Santa Ana, California and the main headquarters is in Conshohocken, Pennsylvania.