Principal Security Operations Intregration Engineer

About The Position

Requirements

• 7+ years in detection engineering, security architecture, or advanced SOC/IR roles.
• Strong experience with cloud logs, detections, and threat modeling in AWS, Azure, or GCP environments.
• Hands-on experience with: SIEM/SOAR (Splunk preferred) Cloud monitoring (CloudTrail, GuardDuty, Azure Monitor, GCP Logging) DAST/IAST (e.g., Acunetix) Container/SCA scanning (BlackDuck, Trivy) Infrastructure scanning (Tenable or similar)
• Ability to translate complex technical requirements into scalable onboarding workflows.
• Excellent communication and collaboration skills with engineering teams and customers.
• Master’s degree or equivalent certifications (CISSP, GCIH, Cloud Security certs, etc.).
• U.S. Citizenship required.

Responsibilities

• Review SaaS vendor architectures and identify threats, attack vectors, and monitoring gaps.
• Communicate with customers to better understand their architecture and processes.
• Define and guide required logging and scanning coverage across AWS, Azure, and GCP.
• Author high-quality detections mapped to MITRE ATT&CK and aligned with NIST 800-53 controls.
• Partner with Engineering to ingest, configure, and validate logs and telemetry from new vendors.
• Establish scanning coverage across web applications, apis, containerized workloads, and virtual machines.
• Build reusable onboarding frameworks and documentation for the continuous monitoring.
• Support SOC with detection tuning, triage guidance, and onboarding-related escalations.
• Contribute to CGC’s continuous monitoring strategy and FedRAMP/StateRAMP compliance requirements.

Benefits

• Our wellness package provides access to an on-site gym and includes medical, dental, and vision insurance along with options for FSA and EAP.
• We offer 401(k) with employer match, unlimited PTO, and a culture respectful of the reality that not everything in one’s personal life is guaranteed to happen only after hours.