Senior Security Engineer

Job Description

Job Description

Overview

We are seeking a highly skilled Senior Security Engineer ((SIEM, Cloud, & Security Analytics) to be a key technical leader on our CSSP Team. This role is for a seasoned professional with deep, hands-on experience operating across multiple DoD network enclaves (NIPR, SIPR, and JWICS) . The ideal candidate will drive the design and implementation of sophisticated security solutions, both on-prem and future secure cloud environments , leveraging expertise in a range of security platforms, including, but not limited to Splunk, Elastic, and Microsoft Sentinel . This is a hands-on role for a senior expert who can engineer and automate a complex, multi-faceted security posture.

TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.

We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.

Visit us at

Apply now to explore jobs with us!

The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation.

By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration.

Responsibilities

RESPONSIBILITIES

• Lead the design and implementation of security automation workflowsusing tools like Python, Ansible, and SOAR platforms to enhance efficiency and response capabilities across all network enclaves.
• Design, engineer, and secure cloud architecture within AWS IL-4/5 environments, implementing robust security controls and ensuring compliance with stringent DoD standards.
• Serve as the SIEM SME/Architect to enhance the agency’s SIEM platformby developing advanced security content, creating custom dashboards, integrating REST APIs, and onboarding new data sources to improve threat visibility.
• Serve as a senior engineer for security analytics across multiple platforms, including, but not limited to Microsoft Sentinel and Splunk.This involves developing and implementing advanced correlation rules, workload analytics, and threat intelligence models to detect and respond to anomalous activity.
• Serve as a senior technical resource and mentor for other team members, providing guidance on best practices for operating securely across classified and unclassified networks.
• Analyze and integrate new subscriber data and security tools into the existing ecosystem to enhance threat detection and response capabilities.
• Create and maintain clear, comprehensive technical documentation, including architectural diagrams and Standard Operating Procedures (SOPs) tailored for multi-enclave operations.
• Monitor, triage, and support incident response leveraging SIEM platform capabilities including correlation searches, and risk-based alerting (RBA) across all network enclaves.
• Maintain and update SIEM content (dashboards, alerts, reports) in alignment with IR playbooks and SOAR workflows to accelerate analyst response times and improve detection fidelity

REQUIRED QUALIFICATIONS

• Active Top Secret Clearance with SCI eligibility.
• DoD 8570 / 8140 Compliance: Active IAT Level II and CSSP Infrastructure certification.
• 8+ years of relevant experience in a hands-on cybersecurity role within a DoD environment.
• Experience supporting or participating in incident response within a DoD CSSP or SOC environment, including evidence collection, timeline reconstruction, and post-incident reporting.
• Familiarity with NIST SP 800-61 (Computer Security Incident Handling Guide) as the baseline IR framework.
• Extensive, hands-on engineering experience and operating within multi-cloud IL-4/5 secure cloud environments.
• Demonstrated experience working across multiple network classification levels (NIPR, SIPR, and JWICS).
• Advanced, hands-on experience with security analytics platforms, including Splunk (Enterprise/ES), Elastic, and Microsoft Sentinel.
• Strong, demonstrable proficiency in scripting and automation for security tasks using languages like Python, PowerShell, Bash, or Ansible, including experience with API integrations.
• Solid foundation in Linux/Unix administration and command-line operations necessary for managing backend SIEM and security infrastructure.

PREFERRED QUALIFICATIONS

• Certifications related to Microsoft Azure Security (e.g., Azure Security Engineer Associate, Microsoft Sentinel Ninja).
• Experience configuring and maintaining RHEL systems in compliance with DISA STIGs and supporting ATO documentation efforts.
• Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation).
• High-level SIEM (Splunk, Elastic, MS Sentinel) and Cloud Architecture certifications.
• Working knowledge of the DoD Risk Management Framework (RMF) process, including experience preparing or supporting System Security Plans (SSPs), STIGs, and continuous monitoring requirements for systems operating at IL-4/5.

Qualifications

WORK ENVIRONMENT AND PHYSICAL DEMANDS

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Location: Fort Belvoir, VA
• Type of environment: Office
• Noise level: Low
• Work schedule: Monday – Friday, with flexibility for evening/weekend work as needed..
• Amount of Travel: 10%

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.

WORK AUTHORIZATION/SECURITY CLEARANCE

• U.S Citizenship Required
• Top Secret Clearance with SCI Eligibility required

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment.

EQUAL EMPLOYMENT OPPORTUNITY

In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.