Posted today
Secret
Senior Level Career (10+ yrs experience)
Unspecified
50%
IT - Security
Oklahoma City, OK (On-Site/Office)•Ogden, UT•Mechancsbrg, PA•Montgomery, AL
Security Operations (SecOps) Engineer
Active Secret Clearance Required
Location: Hybrid – Must reside near a primary DISA DHMC site
Locations:
Oklahoma City, OK
Montgomery, AL
Ogden, UT
Mechanicsburg, PA
Travel: Yes – Weekly travel to DISA locations (you will work out of your local DISA site when not traveling)
Position Summary:
We are seeking a Security Operations (SecOps) Engineer to support federal cybersecurity initiatives across enterprise and cloud environments. This role combines hands-on security engineering, operational monitoring, and compliance support to ensure systems remain secure, observable, and audit-ready throughout their lifecycle.
The ideal candidate will have strong experience with Elastic / ELK Stack technologies, security monitoring, and federal compliance frameworks. This role partners closely with DevOps, SRE, and compliance teams to integrate detection, response, and automation into production systems.
Key Responsibilities:
Security Operations & Monitoring
Monitor, investigate, and respond to security alerts and incidents using Elastic Security (SIEM/XDR)
Design, deploy, and maintain the Elastic Stack (Elasticsearch, Logstash, Beats, Kibana)
Develop and tune detection rules, dashboards, and alerting workflows
Conduct threat hunting and advanced log analysis
Vulnerability & Patch Management:
Perform vulnerability scanning and analysis using tools such as ACAS / Tenable
Track and remediate vulnerabilities in accordance with federal timelines
Coordinate patching and mitigation efforts with infrastructure and application teams
Compliance & Continuous Monitoring:
Implement and maintain controls aligned with NIST 800-53, FISMA, and FedRAMP
Support ATO (Authority to Operate) activities including documentation and evidence collection
Produce compliance and CDM reporting using Elastic dashboards and data feeds
Secure Engineering & Automation:
Integrate security monitoring and logging into CI/CD pipelines and Infrastructure-as-Code
Automate ingestion, enrichment, and response workflows using Python, Bash, or PowerShell
Enforce secure configuration baselines (STIGs, CIS benchmarks)
Collaboration & Risk Management:
Partner with DevOps and SRE teams to embed security observability into system design
Advise stakeholders on risk posture, detections, and mitigation strategies
Communicate technical findings to both technical and non-technical audiences
Requirements:
Hands-on production experience with the Elastic Stack (ELK)
Direct experience using Elastic Security as a SIEM/XDR platform
Log pipeline design, parsing, enrichment, and lifecycle management
Security event monitoring, alert triage, and incident response
Linux and Windows security administration
Scripting or automation experience (Python, Bash, or PowerShell)
Experience in cloud or hybrid environments (AWS, Azure, GCP, or GovCloud)
Security & Compliance Knowledge:
Strong familiarity with:
NIST 800-53, 800-61, 800-137
FISMA federal cybersecurity requirements
FedRAMP control implementation and monitoring
Experience supporting audits, assessments, or ATO packages
Active Secret Clearance
Preferred Qualifications:
Experience deploying Elastic in DoD or federal environments
Integration with cloud-native logging tools (CloudTrail, Azure Monitor, GCP Logs)
Familiarity with DevSecOps and Site Reliability Engineering (SRE) practices
Container and Kubernetes security experience
Certifications (Preferred)
Elastic Certified Engineer or Analyst
Security+
CySA+
CISSP
Benefits:
Our comprehensive benefits package for full-time salaried employees is effective immediately upon the start date. Benefits include comprehensive PPO medical coverage with access to a Health Savings Account (HSA) option, a vision plan, and dental insurance with the base dental plan option paid for by PGTEK. Life Insurance, Short and Long-Term disability, and Critical Illness insurance have premiums covered. Additionally, PGTEK offers a matching 401(k) plan and a discount on pet insurance through ASPCA Pet Insurance. An Employee Assistance Program is available at no cost to all employees. PGTEK offers a generous amount of PTO and Holidays, and an Education Assistance Program is available after 12 months of employment.
ABOUT PGTEK:
PGTEK is a true consulting organization dedicated to helping clients achieve their business and technology objectives utilizing our decades of experience and business relationships. PGTEK invests in the educational advancements of our staff by providing the necessary resources to complete Professional and Business Certifications. Our company is our people, and we treat them like family.
EOE, including disability/veterans
Active Secret Clearance Required
Location: Hybrid – Must reside near a primary DISA DHMC site
Locations:
Oklahoma City, OK
Montgomery, AL
Ogden, UT
Mechanicsburg, PA
Travel: Yes – Weekly travel to DISA locations (you will work out of your local DISA site when not traveling)
Position Summary:
We are seeking a Security Operations (SecOps) Engineer to support federal cybersecurity initiatives across enterprise and cloud environments. This role combines hands-on security engineering, operational monitoring, and compliance support to ensure systems remain secure, observable, and audit-ready throughout their lifecycle.
The ideal candidate will have strong experience with Elastic / ELK Stack technologies, security monitoring, and federal compliance frameworks. This role partners closely with DevOps, SRE, and compliance teams to integrate detection, response, and automation into production systems.
Key Responsibilities:
Security Operations & Monitoring
Monitor, investigate, and respond to security alerts and incidents using Elastic Security (SIEM/XDR)
Design, deploy, and maintain the Elastic Stack (Elasticsearch, Logstash, Beats, Kibana)
Develop and tune detection rules, dashboards, and alerting workflows
Conduct threat hunting and advanced log analysis
Vulnerability & Patch Management:
Perform vulnerability scanning and analysis using tools such as ACAS / Tenable
Track and remediate vulnerabilities in accordance with federal timelines
Coordinate patching and mitigation efforts with infrastructure and application teams
Compliance & Continuous Monitoring:
Implement and maintain controls aligned with NIST 800-53, FISMA, and FedRAMP
Support ATO (Authority to Operate) activities including documentation and evidence collection
Produce compliance and CDM reporting using Elastic dashboards and data feeds
Secure Engineering & Automation:
Integrate security monitoring and logging into CI/CD pipelines and Infrastructure-as-Code
Automate ingestion, enrichment, and response workflows using Python, Bash, or PowerShell
Enforce secure configuration baselines (STIGs, CIS benchmarks)
Collaboration & Risk Management:
Partner with DevOps and SRE teams to embed security observability into system design
Advise stakeholders on risk posture, detections, and mitigation strategies
Communicate technical findings to both technical and non-technical audiences
Requirements:
Hands-on production experience with the Elastic Stack (ELK)
Direct experience using Elastic Security as a SIEM/XDR platform
Log pipeline design, parsing, enrichment, and lifecycle management
Security event monitoring, alert triage, and incident response
Linux and Windows security administration
Scripting or automation experience (Python, Bash, or PowerShell)
Experience in cloud or hybrid environments (AWS, Azure, GCP, or GovCloud)
Security & Compliance Knowledge:
Strong familiarity with:
NIST 800-53, 800-61, 800-137
FISMA federal cybersecurity requirements
FedRAMP control implementation and monitoring
Experience supporting audits, assessments, or ATO packages
Active Secret Clearance
Preferred Qualifications:
Experience deploying Elastic in DoD or federal environments
Integration with cloud-native logging tools (CloudTrail, Azure Monitor, GCP Logs)
Familiarity with DevSecOps and Site Reliability Engineering (SRE) practices
Container and Kubernetes security experience
Certifications (Preferred)
Elastic Certified Engineer or Analyst
Security+
CySA+
CISSP
Benefits:
Our comprehensive benefits package for full-time salaried employees is effective immediately upon the start date. Benefits include comprehensive PPO medical coverage with access to a Health Savings Account (HSA) option, a vision plan, and dental insurance with the base dental plan option paid for by PGTEK. Life Insurance, Short and Long-Term disability, and Critical Illness insurance have premiums covered. Additionally, PGTEK offers a matching 401(k) plan and a discount on pet insurance through ASPCA Pet Insurance. An Employee Assistance Program is available at no cost to all employees. PGTEK offers a generous amount of PTO and Holidays, and an Education Assistance Program is available after 12 months of employment.
ABOUT PGTEK:
PGTEK is a true consulting organization dedicated to helping clients achieve their business and technology objectives utilizing our decades of experience and business relationships. PGTEK invests in the educational advancements of our staff by providing the necessary resources to complete Professional and Business Certifications. Our company is our people, and we treat them like family.
EOE, including disability/veterans
group id: 10306851
