Posted today
Mid Level Career (5+ yrs experience)
IT - Security
Remote/Hybrid • Arlington, VA (Off-Site/Hybrid)
TECHEAD is celebrating over thirty-five years of incredible heritage, talent, and accomplishments! To learn more about TECHEAD, visit us at TECHEAD.com or on Glassdoor.
Cloud Security Operations Engineer (SOC) | 22044
Full-time, Direct Hire
Hybrid in Arlington, VA (2-3x/week)
The Mission
We are building our foundational U.S. engineering team in Arlington, VA, and we need a defender. As an early member of this team, you won’t just be designing architecture—you will be the primary line of defense against external threats to our internal and cloud infrastructure.
This role is designed for a hands-on security practitioner with a deep background in SOC Operations and Incident Response. You will bridge the gap between engineering and real-time security monitoring, ensuring that every piece of code we deploy is monitored, every log is analyzed, and every threat is neutralized.
The Day-to-Day
Incident Response & Threat Hunting: Serve as the primary responder for security incidents. You will perform deep-dive forensic analysis on cloud-native services (containers, serverless) and internal infrastructure to detect, contain, and remediate threats.
SIEM Management & Monitoring: Take full ownership of our Splunk/Elastic (ELK) stack. You will build dashboards, write detection logic, and tune alerts to filter out the noise and catch sophisticated external actors.
SOC Excellence: Act as a Tier 2/3 escalation point for security events. You’ll be responsible for the end-to-end lifecycle of a threat—from initial detection in AWS CloudTrail or Azure Monitor to final root cause investigation.
Vulnerability & Surface Management: Proactively identify "weak spots" in our internal and cloud posture. You’ll perform regular scans (Snyk, Wiz) and penetration testing to ensure our external attack surface is minimized.
DevSecOps & Automation: "Automate the defense." Use Python or Bash to script automated responses to common alerts and use Terraform/CloudFormation to ensure security controls (Firewalls, IAM, Encryption) are baked into our IaC.
Zero Trust Advocacy: Design and enforce rigorous IAM and RBAC policies, ensuring that our internal infrastructure remains secure against lateral movement.
You Should Apply If You Have
Clearance: Ability to obtain a Top Secret Clearance
The "SOC Mindset": 3–5+ years in Cybersecurity, with at least 2+ years of high-level SOC (Tier 2/3) or Incident Response experience.
SIEM Mastery: Hands-on proficiency with Splunk, Elastic Stack (ELK), or Sentinel. You should be comfortable building queries and managing log ingestion.
Cloud Warfare: Practical experience defending AWS, Azure, or GCP environments using native tools (GuardDuty, Security Hub, Defender).
Infrastructure as Code (IaC): Familiarity with Terraform, Ansible, or CloudFormation to deploy security guardrails.
Scripting: The ability to write Python, Bash, or PowerShell scripts to automate repetitive security tasks.
Networking Depth: A "packet-level" understanding of TCP/IP, VPNs, DNS, and TLS. You know how to read a PCAP and identify malicious traffic.
Nice to Have
Certifications: CISSP, GCIA, GCIH, CCSP, or AWS Certified Security – Specialty.
Education: Bachelor’s degree in Computer Science, Cyber Security, or equivalent experience.
Framework Knowledge: Familiarity with NIST 800-53, FedRAMP, or CMMC
Bonus Points if you have big tech or startup experience
TECHEAD's mission is to make our on-site associates successful by placing them in the right environment so they can grow and prosper. How we treat and respond to our clients and employees is a reflection of who we are and makes us stand out from the rest. Keeping our business focused on building and maintaining relationships with our employees and clients is the key to our success. We won't strive for anything less.
TECHEAD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
For more information on TECHEAD please visit www.techead.com.
No second parties will be accepted.