Act as the primary technical escalation point for complex operational issues across SIEM and continuous monitoring programs, ensuring quick and effective resolutions.
Maintain and optimize critical security systems, including SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel), vulnerability management and scanning tools (e.g., Nessus, Qualys, Tenable), and Anti-Virus/EDR solutions (Trend Micro Deep Security Manager, Microsoft Defender, Crowdstrike).
Oversee continuous monitoring activities for FedRAMP and other compliance programs, including vulnerability scanning, configuration management, security control validation, and compliance artifact generation.
Monitor and improve the team's use of automation and monitoring tools to drive operational efficiency across both SIEM and vulnerability management workflows.
Analyze and resolve system performance issues, ensuring compliance with FedRAMP, SOC, HIPAA, and other security/operational standards.
Participate in incident response, threat hunting, and post-mortem analysis to identify root causes and prevent recurrence.
Manage a team of engineers across SIEM operations and continuous monitoring (vulnerability management) functions, fostering a high-performing and engaged team culture.
Mentor and support the professional growth of engineers through training, feedback, and career development planning.
Assist with hiring, onboarding, and retention to ensure team stability and growth.
Oversee day-to-day delivery of security services, ensuring operational consistency and high-quality outcomes for both SIEM and continuous monitoring programs.
Track and optimize key metrics such as incident response times, vulnerability remediation rates, false positive reduction, operational efficiency, and compliance posture.
Develop and refine processes for incident response, vulnerability remediation, continuous monitoring reporting, and compliance documentation.
Work with cross-functional teams, including consulting teams, SREs, and professional services teams, to improve service delivery and client satisfaction.

Requirements

7+ years of hands-on experience in technical roles, such as engineering or operations.
Proven ability to manage operational processes and handle escalations.
Experience balancing individual contributor work with team oversight.
Strong technical expertise with SIEM platforms (e.g., Splunk, ELK, SumoLogic, Sentinel) and vulnerability management tools (e.g., Nessus, Qualys, Tenable).
Deep understanding of continuous monitoring requirements for FedRAMP, including OSCAL, POA&M management, and automated security control validation.
Proven ability to troubleshoot and resolve complex technical issues in high-pressure environments across both threat detection and vulnerability management domains.
Hands-on experience with cloud platforms (AWS, Azure, or GCP) and their associated security practices, including cloud-native vulnerability scanning and CSPM tools.
Solid understanding of security compliance frameworks (e.g., FedRAMP, SOC, HIPAA, NIST 800-53).
Ability to mentor and guide team members while contributing to technical solutions.
Strong written and verbal communication skills, particularly in documenting technical insights and creating compliance artifacts.
Bachelor’s degree (four-year college or university) *or* a equivalent work experience.

Benefits

paid parental leave
flexible time off
certification and training reimbursement
digital mental health and wellbeing support membership
comprehensive insurance options

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEMvulnerability managementincident responsethreat huntingcloud security practicestroubleshootingautomationmonitoringcompliance documentationprocess development

Soft Skills

team managementmentoringcommunicationproblem-solvingoperational efficiencycollaborationleadershipfeedbackcareer developmentclient satisfaction