Security Operations Engineer I

Firefly Aerospace•Cedar Park, TX

About The Position

As a Security Operations Engineer I at Firefly Aerospace, you will play a critical role in engineering, maintaining, and optimizing the automation architecture across our cybersecurity ecosystem. This role focuses heavily on workflow automation, scripting, and the deep integration of security tools with enterprise applications. You will operate at the intersection of system design, data science, and cybersecurity, streamlining operations to reduce manual workloads while significantly strengthening our overall security posture. This position offers the opportunity to build full-stack solutions and drive efficiency through automation. You will collaborate closely with security leadership, system administrators, and development teams to enhance our monitoring capabilities and ensure strict alignment with critical compliance frameworks.

Requirements

BS or MS degree in Computer Science, Cybersecurity, Data Science, or a related technical discipline.
Demonstrated proficiency in programming and scripting languages (Python, Bash, PowerShell).
Experience with containerization (e.g. Docker, Kubernetes)
Deep understanding of REST API integration, authentication mechanisms, and data parsing.
Strong foundation in system design, data aggregation, and creating visualization dashboards.
Experience managing code utilizing version control systems (Git).
Exceptional analytical problem-solving skills with a strict focus on operational efficiency.
Ability to communicate complex technical architectures clearly within a collaborative environment.
Must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

Nice To Haves

Direct experience automating compliance evidence for NIST 800-171, CMMC, SOC 2, or ISO 27001.
Experience applying data science, data modeling, or anomaly detection within a cybersecurity context.
Hands-on experience with SIEMs, vulnerability scanners, and endpoint detection and response (EDR) platforms.
Exposure to cloud security automation (AWS Lambda, Azure Functions) and configuration management (Ansible, Terraform).
Professional certifications such as CompTIA Security+, Network+, or similar credentials.
Proficiency in AI tooling

Responsibilities

Develop, deploy, and maintain robust automation scripts utilizing Python, Bash, and PowerShell to support security infrastructure and compliance workflows.
Architect integrations between security tools and enterprise applications via REST APIs (GET/POST, OAuth, JSON parsing) to optimize data exchange.
Design and maintain reusable, automated processes for vulnerability management, patch management, and continuous compliance reporting.
Manage and maintain version-controlled codebases utilizing Git and established DevOps methodologies.
Drive the automation of continuous compliance monitoring and evidence gathering for critical frameworks, specifically NIST 800-171 and CMMC.
Automate security monitoring, anomaly detection, and rapid response workflows for endpoint activity and network vulnerabilities.
Execute proof-of-concept testing and validation for new security automation methodologies and tooling.
Maintain rigorous, accurate documentation for all engineered scripts, API integrations, and automation workflows.
Design and implement full-stack solutions to aggregate, transform, and visualize complex security data from disparate sources.
Develop web-based dashboards and reporting systems to provide continuous visibility into compliance status, vulnerability remediation, and system anomalies.
Apply data modeling and anomaly detection techniques to proactively identify and mitigate suspicious activities.
Partner with cross-functional technical teams to analyze existing workflows and engineer automated security solutions.