Expertise and Technology for National Security
SecOps Analyst
Location
Illinois
Posted
4 days ago
Salary
$75.2K - $158.1K / year
Seniority
Senior
Job Description
SecOps Analyst
CACI International Inc
• Monitor and analyze security events and alerts using Elastic Security SIEM • Conduct vulnerability scans with Tenable SC and assess cloud workloads via Tenable Cloud Security • Manage and enforce endpoint security policies using Trellix ePO or Microsoft Defender for Endpoint (MDE) • Monitor network security activity across Palo Alto Next-Generation Firewalls • Analyze secure access traffic through Zscaler Private Access and Internet Access • Detect, document, and escalate security incidents following established response procedures • Develop continuous monitoring reports and contribute to security posture dashboards • Track and present security KPIs to program leadership
Job Requirements
- Active Secret or Top Secret clearance
- 3–5 years of experience in a security operations or SOC environment
- Hands-on experience with a SIEM platform (Elastic Security strongly preferred)
- Working knowledge of vulnerability scanning tools (Tenable SC preferred)
- Familiarity with network security monitoring and firewall technologies
- DoD 8140.03M DCWF Basic Tier Certification — one of: CC, GDSA, or GISF
- DoD 8140 Interim Education Options
Benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
Forward Deployed Engineer – AI SOC
Thinkahead Consultant Psychologist Pty LtdWe get to the heart of the matter.....real people......real solutions
• Serve as the technical lead for deploying and operationalizing security and AI solutions in customer or enterprise environments • Translate business, operational, and security requirements into deployable architectures and implementation plans • Partner with internal and external stakeholders to ensure solutions are aligned to operational goals, compliance requirements, and long-term platform strategy • Act as a trusted advisor during onboarding, implementation, rollout, and optimization phases • Design and implement integrations across SIEM, XDR, SOAR, case management, data platforms, and AI-enabled tooling • Build and configure cloud-native data ingestion, normalization, and enrichment pipelines for security telemetry • Integrate APIs, webhooks, message queues, and automation workflows across identity, endpoint, cloud, network, and application ecosystems • Develop reusable deployment patterns, templates, and technical assets to accelerate future implementations • Operationalize AI and automation use cases within security workflows, including alert enrichment, triage support, summarization, clustering, playbook selection, and analyst copilots • Work with detection engineering and data teams to support the implementation of behavioral analytics, anomaly detection, risk scoring, and other AI-assisted security use cases • Help define data requirements, feedback loops, and operational guardrails needed to support effective AI outcomes in production environments • Ensure deployed solutions are practical, measurable, and aligned to analyst workflows and response objectives • Implement secure and governed automation for investigation and response use cases across heterogeneous environments • Support resiliency, observability, performance, and scale requirements for deployed solutions • Troubleshoot integration issues, deployment blockers, and production challenges in partnership with platform, cloud, and security teams • Improve reliability and maintainability through documentation, testing, monitoring, and standardized engineering practices • Collaborate across Security Operations, Security Engineering, Detection Engineering, Data Science, Infrastructure, and product or customer teams • Communicate technical concepts clearly to both technical and non-technical stakeholders • Mentor engineers and contribute to best practices for implementation, delivery, and technical solution design • Provide field feedback to influence platform roadmap, product direction, and architectural standards.
• Monitor security alerts and events across Box’s environment using SIEM and other detection tools. • Lead and coordinate the end-to-end response to security incidents. • Conduct in-depth forensic analysis of endpoints, logs, and network traffic. • Develop and refine incident response playbooks, runbooks, and procedures. • Collaborate with Engineering, Legal, and Compliance teams. • Identify trends and patterns in security data to proactively surface emerging threats. • Contribute to threat intelligence programs by researching adversary tactics, techniques, and procedures (TTPs).
Director of IT – Security Operations
RealTime eClinical SolutionsBetter research. Better business. Better outcomes.
• Owns the security, availability, and compliance of the systems. • Operate and evidence the controls required for SOC 2 Type 2 and HIPAA. • Maintain the risk register and run an annual risk assessment. • Enforce least privilege access across corporate and production systems. • Manage cloud hosting vendors and environment changes. • Monitor the security of corporate and cloud environments. • Manage the team providing technical support to employees. • Design and manage the disaster-recovery and business-continuity process.
Security Engineer – Incident Response
AsymmetricEarly stage capital for disruptive technology companies.
• Serve as Incident Commander for SIRN-related security cases • Lead incident triage efforts • Coordinate with internal AR teams and external Solana ecosystem stakeholders • Develop, tune, and triage telemetry signals • Identify gaps in current detection coverage • Author, maintain, and continuously improve incident runbooks • Provide operational and logistical support to the SIRN project team • Escalate to AR Engineering and Consulting leads as appropriate



