SOC Analyst responsible for monitoring global threats and preventing cyber attacks for SHE. Collaborating with elite teams and documenting activities in Ludwigshafen.
About the role
- Security Operations Engineer supporting federal cybersecurity initiatives across enterprise and cloud environments. Hands-on security engineering, operational monitoring, and compliance support.
Responsibilities
- Monitor, investigate, and respond to security alerts and incidents using **Elastic Security (SIEM/XDR)**
- Design, deploy, and maintain the **Elastic Stack (Elasticsearch, Logstash, Beats, Kibana)**
- Develop and tune detection rules, dashboards, and alerting workflows
- Conduct threat hunting and advanced log analysis
- Perform vulnerability scanning and analysis using tools such as **ACAS / Tenable**
- Track and remediate vulnerabilities in accordance with federal timelines
- Coordinate patching and mitigation efforts with infrastructure and application teams
- Implement and maintain controls aligned with **NIST 800-53, FISMA, and FedRAMP**
- Support **ATO (Authority to Operate)** activities including documentation and evidence collection
- Produce compliance and CDM reporting using Elastic dashboards and data feeds
- Integrate security monitoring and logging into **CI/CD pipelines** and Infrastructure-as-Code
- Automate ingestion, enrichment, and response workflows using **Python, Bash, or PowerShell**
- Enforce secure configuration baselines (STIGs, CIS benchmarks)
- Partner with DevOps and SRE teams to embed security observability into system design
- Advise stakeholders on risk posture, detections, and mitigation strategies
- Communicate technical findings to both technical and non-technical audiences
Requirements
- Hands-on production experience with the **Elastic Stack (ELK)**
- Direct experience using **Elastic Security** as a SIEM/XDR platform
- Log pipeline design, parsing, enrichment, and lifecycle management
- Security event monitoring, alert triage, and incident response
- Linux and Windows security administration
- Scripting or automation experience (**Python, Bash, or PowerShell**)
- Experience in **cloud or hybrid environments** (AWS, Azure, GCP, or GovCloud)
- Strong familiarity with NIST 800-53, 800-61, 800-137
- FISMA federal cybersecurity requirements
- FedRAMP control implementation and monitoring
- Experience supporting audits, assessments, or **ATO packages**
- **Active Secret Clearance**
Benefits
- comprehensive PPO medical coverage with access to a Health Savings Account (HSA) option
- vision plan
- dental insurance with the base dental plan option paid for by PGTEK
- Life Insurance
- Short and Long-Term disability
- Critical Illness insurance have premiums covered
- matching 401(k) plan
- discount on pet insurance through ASPCA Pet Insurance
- Employee Assistance Program available at no cost to all employees
- generous amount of PTO and Holidays
- Education Assistance Program available after 12 months of employment
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Information Security Senior Director leading cybersecurity operations strategies at Mass General Brigham. Managing teams, budget, and cross - functional collaborations for security and compliance.
Senior Security Engineer on FINRA's Security Operations team implementing and maintaining security solutions. Collaborate with teams to enhance security and mentor junior staff.
Security Operations Lead at Aily Labs designing AI - native security operations solutions. Collaborating with engineers to build innovative security capabilities at scale.
L3 SOC Analyst managing responses to security incidents within classified systems. Operating in high - security SOC environments in India.
SOC Analyst enhancing cybersecurity operations for a global security team based in Manila, Philippines. Responsible for incident response, threat analysis, and process improvement.
Security Operations Center Specialist responsible for monitoring security activities and assisting personnel in safety matters at USAA. Work includes incident investigation and risk management.
SOC Engineer at Phoenix, leading onboarding activities and optimizing security technologies and processes. Collaborating with teams to ensure effective detection and response in managed services.
Cybersecurity Intern at Westinghouse supporting vulnerability management and operations. Conducting scans and analyzing threats in a hands - on technology environment.
Security Operations Analyst supporting global SOC team by managing operational security requests and ensuring effective security processes. Collaborating in a dynamic global legal services environment.