Security Engineer

ECS Tech Inc
Work from home, Virginia
Remote

About The Position

Everforth ECS is seeking a Security Engineer to work remotely. At Everforth ECS Federal, we're driven by a commitment to excellence and innovation in solving complex challenges. As a premier provider of advanced technology solutions and services, our mission is to secure and optimize the most critical commercial, government, defense, and intelligence projects across the country. Our team is composed of dynamic professionals who thrive in a collaborative and empowering environment, where our team members leverage the latest technologies and insights to make a real-world impact. Join us and be part of a forward-thinking organization that values your expertise and supports your professional growth.

The Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization’s cybersecurity posture.

Requirements

  • Minimum of 3–5 years of cybersecurity or security engineering experience supporting enterprise security operations environments.
  • Hands-on experience supporting enterprise security monitoring technologies including SIEM, EDR, and log management platforms.
  • Experience creating, tuning, and maintaining detection content and alerting logic.
  • Familiarity with log collection, normalization, and telemetry integration across enterprise environments.
  • Experience implementing or supporting automation workflows within SOC or incident response operations.
  • Strong understanding of enterprise infrastructure, cloud environments, identity systems, and network security monitoring.
  • Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO 27001.
  • Able and willing to obtain a US Security Clearance.
  • Willing to participate in on-call support for security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.

Responsibilities

  • Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies.
  • Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms.
  • Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives.
  • Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection.
  • Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times.
  • Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities.
  • Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment.
  • Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines.
  • Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations.
  • Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC.