Security Operations Center Engineer

General Dynamics Information Technology (GDIT) is seeking a highly skilled and motivated Security Operations Center (SOC) Engineer to join our dynamic Cybersecurity team. In this role, you will be instrumental in developing and maintaining the tools and capabilities used to monitor, analyze, and respond to security threats. The ideal candidate brings a strong foundation in cybersecurity principles, hands-on experience with SIEM platforms, and the ability to thrive in a fast-paced, collaborative environment. Advance your career and support critical national security missions as a SOC Cybersecurity Engineer at GDIT, where technologists have diverse pathways to grow and make an impact across federal cyber operations. HOW A SECURITY OPERATIONS CENTER (SOC) ENGINEER WILL MAKE AN IMPACT : Engineering & Tuning: Develop, refine, and maintain detection rules in SIEM and EDR platforms to enhance detection quality and minimize false positives. Tool Development & Integration: Design and implement custom security tools and integrations using APIs to connect and optimize security platforms. Detection Engineering: Build and optimize complex SIEM detections (e.g., Splunk) to identify advanced threats. SOAR Automation: Create automation playbooks for tasks such as alert triage, IP blocking, and host isolation. Log Pipeline Management: Oversee ingestion, normalization, and parsing of custom data sources to ensure end‑to-end visibility. Incident Monitoring & Response: Monitor and analyze security events from SIEM, IDS/IPS, firewalls, and other security tools; respond to incidents in real time. Security Architecture: Partner with the SOC Architect to design scalable, resilient security infrastructure. Collaboration & Communication: Work closely with cybersecurity, IT, and engineering teams to ensure cohesive incident response and system integration. Security Enhancements: Identify opportunities to strengthen security processes, implement best practices, and contribute to continuous SOC improvement. WHAT YOU’LL NEED TO SUCCEED: Bachelor’s degree in Cybersecurity, Information Technology, or related discipline, or equivalent experience Minimum 5 years of experience in a SOC or cybersecurity-focused role Hands-on experience with SIEM tools such as Splunk, IBM QRadar, or ArcSight Strong understanding of cybersecurity concepts including network security, firewalls, IDS/IPS, and vulnerability management Familiarity with incident response practices and NIST security frameworks Strong analytical skills, attention to detail, and ability to prioritize effectively At least one relevant certification (e.g., CompTIA Security+, CySA+, CISSP, CEH, CISM, CASP, GSEC, GCIH) Experience with HBSS/ Trellix Excellent written and verbal communication skills Security Clearance Level: active TS/SCI clearance US Citizenship required Work is onsite at customer facility Desired Skills: Security Stack Mastery: Hands-on experience building/configuring SIEM, EDR/XDR, and SOAR platforms. Data Normalization: Experience with log parsing (Regex) and data modeling (CIM compliance). Familiarity with advanced threat detection, indicators of compromise, attack frameworks and incident response methodologies. Experience with threat intelligence, malware analysis, threat hunting. Experience with vulnerability management tools and techniques. Experience with endpoint security products. Experience with cloud security (VMWare Cloud Foundations). Experience with Zero Trust architecture and principles. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) is a plus. GDIT IS YOUR PLACE At GDIT, the mission is our purpose, and our people are at the center of everything we do. ● Growth: AI-powered career tool that identifies career steps and learning opportunities ● Support: An internal mobility team focused on helping you achieve your career goals ● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off ● Community: Award-winning culture of innovation and a military-friendly workplace OWN YOUR OPPORTUNITY Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters. The likely salary range for this position is $114,750 - $155,250. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.