SOC Engineer Tier 1/2

When you join AIS, you're joining a mission-driven team that's passionate about making a difference. You'll work on projects that matter, alongside industry-leading experts, in an environment that fosters innovation, driving client success, and empowering our team to make a lasting impact. As an employee-owned company, we value collaboration, inclusivity, continuous growth, and shared success.

• Employee Ownership: Your contributions directly impact the company's success, and you share in its achievements.

• Continuous Learning: Access to resources, training, and mentorship to support your professional growth.

• Inclusive Culture: A workplace where diversity is celebrated, and everyone's voice is valued.

• Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.

At AIS, we're looking for more than just skills - we're looking for driven individuals who are passionate about making a difference, eager to grow, and aligned with our core principles.

This position is contingent upon contract award. We are currently pursuing a proposal and are seeking qualified candidates to include in our submission and identify candidates for future hiring needs on the program once awarded.

• Core Knowledge & Skills: Applies advanced network security, cryptography, vulnerability assessment, regulatory compliance, and access/governance principles.

• Work & Complexity: Conducts security assessments, handles incidents, implements policies, configures advanced security settings, and manages security devices.

• Quality & Independence: Conducts thorough assessments, produces clear documentation, improves practices, and works independently within project scope.

• Teamwork & Communication: Participates in team projects, shares knowledge, coordinates with other teams, and mentors junior staff.

• Consulting & Engagement: Advises internal teams, optimizes processes, evaluates technologies, and coordinates vendor support.

As a SOC Engineer Tier 1-2 you will use cutting-edge cloudtechnologies to ensure secure operations for our clients. Ensure that large-scale Azure and M365 environments are secure and that security events are quickly identified and resolved. Build comprehensive security alerts and monitoring tools and dashboards to gauge the operational security of system components. Implement innovation to improve efficiency of Azure security related activities. Serve as point of escalation for challenging and complex security issue resolution. Join our team of security operations cloud professionals and accomplish what others only dream of.
Multiple shifts - Day, Swing, Night, Weekends/Holidays

Please note: This is an evergreen posting to collect resumes for future openings; there is no active position available at this time.

What You'll Be Doing

• Review the environment scoping information and inventory to ensure a deep understanding of the organization's business, its applications, and technical solutions.

• Be well versed in the areas of focus on the security roadmap and have an understanding of how they will be implemented and impact the work that the Security Operations Center staff will have to take up.

• Provide the SOC with an understanding as to the mapping between IT & organization security and how it relates to the responsibilities and tasking that the SOC has.

• Ensure that the SOC team is focusing on education based on preventative maintenance and roadmap capabilities.

• Participate in audit reviews to ensure that gaps in coverage are being addressed by the SOC team.

• Support the creation of reporting templates, explain how they are used and generated and the expectation regarding their cadence. Create a process where the reports are reviewed and feedback loops provide the ability to improve them.

• Specialize in SIEM configuration and maintenance.

• Responsible for building the security architecture and systems

• Work with development operations teams to ensure that systems are up to date.

• Document requirements, procedures, and protocols to ensure that other users have the right resources

• Work with customers on complex operational issues

Location and Travel Details

Must be in the DC Metropolitan area as positions will be 100% onsite.

Security Clearance and Citizenship Requirements

TS/SCI with CI Polygraph is required

Skills required for this opportunity

• 3 + years of experience in security engineering to operate M365 and Azure platforms

• Security + certification

• Experience in Azure and M365 environments

• Good experience in a variety of SOC engineering/ administration tools

• Handles daily alerts, incidents; monitors, tracks, analyzes and records.

• Work with other IT professionals to resolve fast moving vulnerabilities such as spam, virus, spyware and malware.

• Monitor security vulnerability information from vendors and third parties.

• Strong engineering analysis ability

Other applicable skills for this opportunity

• Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products.

• Work with vendors, outside consultants, and other third parties to improve information security within the organization.

• Advanced Forensics skills to evaluate current malware and phishing threats.

• Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite

• Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.

• Apply these capabilities to IaaS and PaaS services such and VMs, Azure Service Environment ASE, Azure Kubernetes Service AKS, Spring Cloud, Azure Virtual Desktop, etc.MSFT: SC-200, SC-900, AZ-900, AZ-500

Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.