Overview
ITDC is seeking a Senior SOC Engineer to lead detection engineering, SIEM/EDR operations, threat hunting, and SOC tooling for a federal cybersecurity program.
Responsibilities
- Engineer SIEM (Splunk preferred) detection content, dashboards, and analytics.
- Lead threat hunting, IOC development, and adversary emulation.
- Operate EDR platforms (Defender, CrowdStrike, Carbon Black) and integrate with the SOAR pipeline.
- Coordinate with IR, VM, and ATO teams; provide expert testimony in major incidents.
Required Qualifications
- 10+ years of senior SOC engineering or security operations experience in enterprise, federal, healthcare, or regulated environments (derived).
- Hands-on SIEM (Splunk, Sentinel, QRadar, Elastic) and EDR platform experience.
- Detection engineering, threat hunting, and security analytics expertise.
- Bachelor's degree (derived); Splunk certification, GCIH, GCIA, GCFA, CISSP, or CySA+ preferred.
Desired Qualifications
- Federal SOC experience integrating with US-CERT/CISA reporting workflows.
- Cloud SOC experience (AWS GuardDuty, Security Hub, Sentinel).
- ML/UEBA tuning and false-positive reduction at scale.
Job Ref 2026-0503-18