Security System Administrator, Lead

Quzara LLC

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, IT, Computer Science, or similar.
  • 6-9+ years of experience in SOC or Security Administration, with leadership roles.
  • Proficient in designing SOC processes and operational models.
  • Hands-on experience with SIEM, SOAR, and EDR platforms.
  • Defined alert triage and response procedures in a SOC environment.
  • Familiarity with security operations frameworks and best practices.
  • Strong documentation skills and technical communication abilities.

Responsibilities

  • Design and define SOC operating models, including escalation paths.
  • Develop and maintain SOC workflows, playbooks, and standard operating procedures.
  • Establish alert triage criteria and investigation workflows for security events.
  • Define configuration standards for SIEM, SOAR, and EDR platforms.
  • Lead SOC readiness reviews and operational assessments.
  • Execute transition plans from implementation to steady-state SOC operations.
  • Collaborate with technical and compliance teams to align SOC processes.

Benefits

  • Flexible hybrid working environment (remote/on-site).
  • Full-time schedule with standard hours Monday to Friday.
  • Opportunities for skill development in SOC operations.
Full Job Description
Job Title: Security System Administrator, Lead

Pay Type: SALARIED EXEMPT

Location: Hybrid, Washington, DC (Must Work East Coast Hours)

Citizenship: U.S. Citizenship (Required)

Summary of Position Role/Responsibilities

The Security System Administrator - Lead is responsible for designing and standardizing Security Operations Center (SOC) capabilities, including processes, workflows, playbooks, and tooling standards. This role focuses on developing and maturing Tier 1 and Tier 2 SOC operational models, ensuring detection, triage, and response procedures meet organizational and compliance requirements. Rather than performing routine monitoring, the position leads the establishment, readiness, and transition of SOC operations to steady-state execution, collaborating with engineering, compliance, and SOC teams to maintain consistent and scalable security across environments.

Essential Functions of the Job

  • Design and define SOC operating models, including escalation paths, roles, and responsibilities across Tier 1 and Tier 2 functions.
  • Develop and maintain SOC workflows, playbooks, standard operating procedures (SOPs), and runbooks to support detection and response activities.
  • Establish alert triage criteria, investigation workflows, and response standards for security events.
  • Define and oversee configuration standards for SIEM, SOAR, and Endpoint Detection & Response (EDR) platforms.
  • Support and lead SOC readiness reviews, validation exercises, and operational assessments to ensure effectiveness of processes and tooling.
  • Develop and execute transition plans from implementation to steady-state SOC operations, ensuring operational continuity.
  • Collaborate with Security Engineers, Threat Detection teams, and Compliance stakeholders to align SOC processes with enterprise security requirements.
  • Ensure all SOC processes and tooling configurations align with applicable security frameworks and operational standards.


Marginal Functions of the Job

  • Other duties as assigned


Normal Work Schedule:

This full-time role runs Monday to Friday, 8:30 AM-5:30 PM and requires flexibility to work remotely or on-site (if applicable per client RTO policies). On occasion additional hours may be necessary.

Education, Training, and Experience

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 6-9+ years of experience in Security Operations, SOC Engineering, or Security Administration, with demonstrated leadership responsibilities.
  • Experience designing and implementing SOC processes, workflows, and operational models.
  • Hands-on knowledge of SIEM, SOAR, and EDR platforms, including configuration and operational standards.
  • Experience defining alert triage, incident investigation, and response procedures.
  • Familiarity with security operations frameworks and best practices in detection and response.
  • Experience supporting SOC stand-up, transformation, or maturity initiatives is highly desirable.
  • Strong documentation and process development skills, with the ability to create structured operational content.
  • Excellent collaboration and communication skills across technical and non-technical stakeholders.
  • Must be a U.S. Citizen and eligible to support federal contracting environments.


Preferred Certifications

  • CISSP (Certified Information Systems Security Professional)
  • GCIH (GIAC Certified Incident Handler) or GCIA (GIAC Certified Intrusion Analyst)
  • Security+, CEH, or similar certifications


Similar Jobs

More Jobs at Quzara LLC

More Information Technology Jobs

Find similar Security System Administrator, Lead jobs: