JOBSEARCHER

SOC Security Engineer

ARCHIVED

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

We are seeking a SOC Security Engineer for a long-term contract in Austin, TX.Engineer, maintain, and tune SIEM platforms (Google SecOps, Gravwell), including correlation rules, dashboards, enrichment logic, and detection content.Configure, tune, and optimize IDS/IPS technologies (Corelight, Tipping Point, Cisco Firepower), including signature development and false-positive reduction.Perform packet capture (pcap) analysis to validate alerts, identify malicious traffic, and support investigations using Netwitness or Corelight.Conduct network traffic analysis to detect anomalies, lateral movement, and command-and-control activity.Strong understanding of network security architecture, including distributed sensors (Corelight), packet capture systems (NetWitness), and log pipelines (CRIBL, Gravwell, Google SecOps).Operationalize threat intelligence feeds within SOC platforms and customers, converting indicators into detection logic, correlation rules, and automated enrichment workflows.Continuously tune detection content based on intelligence-driven insights, improving alert fidelity and reducing false positives across statewide monitoring.Develop and maintain orchestration playbooks within Cyware, integrating SIEM, EDR, threat intelligence, and ticketing systems to support statewide monitoring expansion and rapid incident handling.Support SOC operations by providing detection engineering, log onboarding, and data normalization.Develop and maintain network security monitoring infrastructure, including sensors, collectors, and log pipelines.Collaborate with Incident Responders to provide network-level evidence, context, and threat validation.Produce engineering reports, tuning documentation, and platform health assessments.Implement detection logic aligned with MITRE ATT&CK, threat intelligence, and emerging adversary behaviors.Produce engineering documentation, tuning reports, platform health assessments, and detection coverage maps using data from Firepower, TippingPoint, Corelight, NetWitness, Microsoft Sentinel, and Google SecOpsRequired SkillsSOC operations experienceHands-on experience with IDS/IPS platforms, specifically Cisco Firepower and TippingPoint, including signature tuning, false-positive reduction, and threat-driven detection improvements.Advanced packet capture (pcap) and network analysis skills using Corelight, NetWitness, and CRIBL pipelines to identify anomalies, malicious traffic, and lateral movement.Experience maintaining and tuning EDR platforms, including CrowdStrike Falcon and SentinelOne, and integrating EDR telemetry into SIEM and orchestration workflows.Threat intelligence application expertiseDevelop detection logic aligned with adversary TTPsPreferred Skills:Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic.Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic.Perform packet-level analysis to validate alerts and identify malicious activityServes as an escalation SOC analysts to support other SOC analyst and incident responders with enriched network-level intelligenceProficiency with Google SecOps and Cyware (SOAR) orchestration, including building automated workflows that integrate SIEM, IDS/IPS, EDR (CrowdStrike, SentinelOne), threat intelligence, and Jira ticketing for SOC automationSecurity Certifications Preferred (CISSP, CEH, GISF, GSEC, CySA+, Sec+)What We OfferWork on a highly innovative team with cutting-edge technologyGreat opportunity to make a big impact and take ownership of technology initiativesAltruistic workCompetitive compensation and benefits including health, dental, vision, life and accident insurance, short-term disability insurance, and more!Luna Data Solutions, Inc. (LDS) provides equal employment opportunities to all employees. All applicants will be considered for employment. LDS prohibits discrimination and harassment of any type regarding age, race, color, religion, sexual orientation, gender identity, sex, national origin, genetics, protected veteran status, and/or disability status.