Senior SOC Analyst specializing in security operations and incident response at PEXA, advancing digital property solutions in the UK. Collaborating with teams to enhance security measures and respond to incidents.
About the role
- Security Operations Engineer supporting federal cybersecurity initiatives across enterprise and cloud environments. Hands-on security engineering, operational monitoring, and compliance support.
Responsibilities
- Monitor, investigate, and respond to security alerts and incidents using **Elastic Security (SIEM/XDR)**
- Design, deploy, and maintain the **Elastic Stack (Elasticsearch, Logstash, Beats, Kibana)**
- Develop and tune detection rules, dashboards, and alerting workflows
- Conduct threat hunting and advanced log analysis
- Perform vulnerability scanning and analysis using tools such as **ACAS / Tenable**
- Track and remediate vulnerabilities in accordance with federal timelines
- Coordinate patching and mitigation efforts with infrastructure and application teams
- Implement and maintain controls aligned with **NIST 800-53, FISMA, and FedRAMP**
- Support **ATO (Authority to Operate)** activities including documentation and evidence collection
- Produce compliance and CDM reporting using Elastic dashboards and data feeds
- Integrate security monitoring and logging into **CI/CD pipelines** and Infrastructure-as-Code
- Automate ingestion, enrichment, and response workflows using **Python, Bash, or PowerShell**
- Enforce secure configuration baselines (STIGs, CIS benchmarks)
- Partner with DevOps and SRE teams to embed security observability into system design
- Advise stakeholders on risk posture, detections, and mitigation strategies
- Communicate technical findings to both technical and non-technical audiences
Requirements
- Hands-on production experience with the **Elastic Stack (ELK)**
- Direct experience using **Elastic Security** as a SIEM/XDR platform
- Log pipeline design, parsing, enrichment, and lifecycle management
- Security event monitoring, alert triage, and incident response
- Linux and Windows security administration
- Scripting or automation experience (**Python, Bash, or PowerShell**)
- Experience in **cloud or hybrid environments** (AWS, Azure, GCP, or GovCloud)
- Strong familiarity with NIST 800-53, 800-61, 800-137
- FISMA federal cybersecurity requirements
- FedRAMP control implementation and monitoring
- Experience supporting audits, assessments, or **ATO packages**
- **Active Secret Clearance**
Benefits
- comprehensive PPO medical coverage with access to a Health Savings Account (HSA) option
- vision plan
- dental insurance with the base dental plan option paid for by PGTEK
- Life Insurance
- Short and Long-Term disability
- Critical Illness insurance have premiums covered
- matching 401(k) plan
- discount on pet insurance through ASPCA Pet Insurance
- Employee Assistance Program available at no cost to all employees
- generous amount of PTO and Holidays
- Education Assistance Program available after 12 months of employment
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Monitoring Analyst developing XDR detection rules for cybersecurity at ESET. Actively contributing to threat defense innovation while monitoring security environments.
Overseeing global security operations across 81 sites for QVC Group, a Fortune 500 live shopping company. Managing security programs with expertise in investigations and crisis management.
Junior SOC Analyst supporting security team with monitoring and analysis of security incidents in Berlin. In a hybrid work environment, gain hands - on cybersecurity experience through mentorship.
Infrastructure Security Operations Analyst at Terumo safeguarding digital and operational technology across EMEA. Collaborating with external partners and maintaining security standards.
Infrastructure Security Operations Analyst overseeing security risks for Terumo’s digital landscape across EMEA. Ensuring robust security measures while collaborating with stakeholders in a global environment.
Overseeing Security Operations Team's strategies and implementations for interactive investor. Ensuring protection of key business assets through analysis and incident response.
Senior Security Engineer managing perimeter security operations for Fanatics' global e - commerce platform. Focus on operations, detection, automation, and reliability across multiple CDN and networking layers.
SOC Analyst Level 2 role focusing on security incidents and response plans in a hybrid environment. Working with cross - functional teams to enhance security practices and incident handling.
Cybersecurity Analyst monitoring network and system activity at AT&T to detect and respond to cyber threats. Participating in incident response and threat analysis for US Government Program.