Mid-Level SOC/Cloud Security Engineer
About The Position
The Mid-Level SOC/Cloud Security Engineer is a key member of the HHSC Cybersecurity Operations team responsible for monitoring, detecting, and responding to cybersecurity threats across enterprise and cloud environments. This role supports the protection of agency systems and sensitive data by performing security investigations, assisting with vulnerability remediation, and strengthening defensive controls. The analyst operates with moderate independence and collaborates closely with senior engineers, cloud teams, infrastructure partners, and incident responders to maintain a secure technology environment. This position contributes to the continuous improvement of HHSC’s Security Operations Center (SOC) by supporting threat detection capabilities, improving visibility, and helping reduce organizational risk. The role also supports regulatory and security requirements aligned with TAC 202, HIPAA, IRS 1075, NIST 800-53, and other applicable state and federal standards.
Requirements
- Working knowledge of SOC operations, incident response processes, and threat detection concepts.
- Solid knowledge of incident response practices in enterprise settings.
- Knowledge of vulnerability scanning or remediation processes.
- Solid knowledge of vulnerability management practices and remediation workflows.
- Foundational knowledge of AWS and Azure security capabilities.
- Knowledge of attacker tactics and frameworks such as MITRE ATT&CK.
- Basic scripting or automation skills (PowerShell, Python, or similar) are a plus.
- Effective written and verbal communication skills.
- Strong analytical and problem-solving abilities.
- Ability to clearly document technical findings.
- Ability to work collaboratively in a fast-paced operational environment.
- Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions
- Minimum 3+ years of cybersecurity experience, with at least 1–2 years in a SOC, cloud security, or security operations role.
- Experience working with SIEM platforms and security monitoring tools.
- Experience supporting cloud security environments (AWS, Azure, or similar)
- Experience with SIEM platforms such as Splunk, Sentinel, or similar tools is preferred.
Nice To Haves
- CompTIA Security+
- SC-200 (Microsoft Security Operations Analyst)
- GIAC GSEC or GCIH (preferred)
- AWS Cloud Practitioner or Security Specialty (preferred)
- Certified Ethical Hacker (CEH)
Responsibilities
- Security Operations Monitoring & Incident Response
- Vulnerability Management & Risk Reduction
- Cloud Security Operations
- Security Tool Administration & SIEM Support
- Compliance & Documentation Support
- Other Duties as Assigned
Benefits
- comprehensive benefits package includes 100% paid employee health insurance for full-time eligible employees
- a defined benefit pension plan
- generous time off benefits
- numerous opportunities for career advancement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
