Security System Administrator, Lead

Quzara LLC
Washington, DC
Hybrid

About The Position

The Security System Administrator – Lead is responsible for designing and standardizing Security Operations Center (SOC) capabilities, including processes, workflows, playbooks, and tooling standards. This role focuses on developing and maturing Tier 1 and Tier 2 SOC operational models, ensuring detection, triage, and response procedures meet organizational and compliance requirements. Rather than performing routine monitoring, the position leads the establishment, readiness, and transition of SOC operations to steady-state execution, collaborating with engineering, compliance, and SOC teams to maintain consistent and scalable security across environments.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 6–9+ years of experience in Security Operations, SOC Engineering, or Security Administration, with demonstrated leadership responsibilities.
  • Experience designing and implementing SOC processes, workflows, and operational models.
  • Hands-on knowledge of SIEM, SOAR, and EDR platforms, including configuration and operational standards.
  • Experience defining alert triage, incident investigation, and response procedures.
  • Familiarity with security operations frameworks and best practices in detection and response.
  • Strong documentation and process development skills, with the ability to create structured operational content.
  • Excellent collaboration and communication skills across technical and non-technical stakeholders.
  • Must be a U.S. Citizen and eligible to support federal contracting environments.

Nice To Haves

  • Experience supporting SOC stand-up, transformation, or maturity initiatives is highly desirable.
  • CISSP (Certified Information Systems Security Professional)
  • GCIH (GIAC Certified Incident Handler) or GCIA (GIAC Certified Intrusion Analyst)
  • Security+, CEH, or similar certifications

Responsibilities

  • Design and define SOC operating models, including escalation paths, roles, and responsibilities across Tier 1 and Tier 2 functions.
  • Develop and maintain SOC workflows, playbooks, standard operating procedures (SOPs), and runbooks to support detection and response activities.
  • Establish alert triage criteria, investigation workflows, and response standards for security events.
  • Define and oversee configuration standards for SIEM, SOAR, and Endpoint Detection & Response (EDR) platforms.
  • Support and lead SOC readiness reviews, validation exercises, and operational assessments to ensure effectiveness of processes and tooling.
  • Develop and execute transition plans from implementation to steady-state SOC operations, ensuring operational continuity.
  • Collaborate with Security Engineers, Threat Detection teams, and Compliance stakeholders to align SOC processes with enterprise security requirements.
  • Ensure all SOC processes and tooling configurations align with applicable security frameworks and operational standards.
  • Other duties as assigned.