- Company Name: PGTEK
- Job Title: SecOps Engineer - Secret clearance - travel role
- Job Description:
Job Title: SecOps Engineer – Secret Clearance – Travel Role
Role Summary:
Security Operations (SecOps) Engineer responsible for monitoring, incident response, and continuous compliance across federal cloud and enterprise environments. Works closely with DevOps, SRE, and compliance teams to integrate detection, response, and automation into production systems, ensuring audit-ready operations and adherence to NIST, FISMA, and FedRAMP standards.
Expectations:
* Maintain 24/7 security observability through Elastic Stack (ELK) and Elastic Security SIEM/XDR.
* Design and tune detection rules, dashboards, and alert workflows to meet federal security timelines.
* Conduct threat hunting, vulnerability assessment, and remediation coordination.
* Implement and document controls for ATO and ongoing compliance reporting.
* Automate security monitoring and response pipelines using Python, Bash, or PowerShell.
* Collaborate with DevOps/SRE to embed security into CI/CD and IaC.
Key Responsibilities:
1. **Security Operations & Monitoring** – Monitor, investigate, and respond to alerts via Elastic Security.
2. **Elastic Stack Management** – Deploy, configure, and maintain Elasticsearch, Logstash, Beats, Kibana.
3. **Detection Engineering** – Develop and tune detection rules, dashboards, and alerting workflows.
4. **Threat Hunting** – Perform advanced log analysis and proactive threat hunting.
5. **Vulnerability & Patch Management** – Scan with ACAS/Tenable, track remediation, coordinate patching.
6. **Compliance & Continuous Monitoring** – Implement NIST 800-53, FISMA, FedRAMP controls; support ATO activities.
7. **Secure Engineering & Automation** – Integrate monitoring into CI/CD; automate ingestion, enrichment, response.
8. **Risk Management & Collaboration** – Work with DevOps/SRE to embed observability; advise stakeholders on risk posture.
Required Skills:
* Production experience with Elastic Stack (ELK) and Elastic Security SIEM/XDR.
* Log pipeline design, parsing, enrichment, and lifecycle management.
* Incident response, alert triage, and threat hunting.
* Linux and Windows security administration.
* Scripting/automation: Python, Bash, or PowerShell.
* Experience in AWS, Azure, GCP, or GovCloud environments.
* Knowledge of NIST 800-53, 800-61, 800-137; FISMA; FedRAMP controls.
* Documentation for ATO packages and compliance reporting.
* Active Secret Clearance.
Required Education & Certifications:
* Bachelor’s degree in Computer Science, Information Security, or related field (preferred).
* Certifications (preferred): Elastic Certified Engineer/Analyst, Security+, CySA+, CISSP.
* Active Secret Clearance.
Montgomery, United States
Hybrid
02-02-2026