Job Description
Everforth ECS is seeking a Security Engineer to work remotely.
At Everforth ECS Federal, we're driven by a commitment to excellence and innovation in solving complex challenges. As a premier provider of advanced technology solutions and services, our mission is to secure and optimize the most critical commercial, government, defense, and intelligence projects across the country. Our team is composed of dynamic professionals who thrive in a collaborative and empowering environment, where our team members leverage the latest technologies and insights to make a real-world impact. Join us and be part of a forward-thinking organization that values your expertise and supports your professional growth.
The Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with the SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization’s cybersecurity posture.
Responsibilities
- Security Platform Administration: Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies.
- Security Telemetry Integration: Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms.
- Detection Engineering: Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives.
- SIEM Data Management: Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection.
- Security Automation Support: Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times.
- Investigation Support: Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities.
- Platform Integration: Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment.
- Operational Monitoring: Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines.
- Technical Documentation: Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations.
- Continuous Improvement: Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC.
Education Requirements
- Bachelor’s degree in computer science, information security, or a related field. Will consider experience in lieu of a degree.
Physical Demands
- While performing the duties of this job, the employee is regularly required to sit at a desk and use a computer for extended periods.
- The position is generally sedentary but may require walking or standing for brief periods of time.
- Employee may occasionally be required to move, carry, push, pull and/or lift objects up to 10 pounds.
Work Environment
- Job is performed in an office setting.
- The noise level in the work environment is generally very low with minimal background noise.
- Comfortable climate control and adequate lighting.
