Jobs · Information Technology

Cybersecurity Operations Engineer

Lanteris Space Systems · Palo Alto, CA · 1 wk ago
Information Technology$124k–$206k/yrFull-time

About the role

The ideal candidate will be responsible for hands-on security operations, endpoint protection management, security tool administration, and incident response. This role can be based in Palo Alto, CA, Houston, TX or also remotely in the US.

Responsibilities

  • SOC Coordination & Incident Management
    • Act as liaison with our Managed Security Service Provider (MSSP), reviewing Tier 1/2 alert summaries, validating findings with organizational context, and facilitating escalations for hands-on resolution
    • Conduct real-time troubleshooting, log analysis, endpoint forensics, and containment actions on internal systems using tools like MS Defender, Wiz, and Tenable
    • Participate in incident response activities, ensuring timely communication with stakeholders and proper documentation of security events
    • Cook up incident response activities across cross-functional teams, ensuring timely containment, eradication, and recovery actions align with organizational priorities and compliance requirements
  • Endpoint Security & Tool Administration
    • Support our endpoint security solutions, including EDR (Endpoint Detection & Response) solutions across the enterprise
    • Maintain operational access to security tools for investigation and response purposes (not responsible for development, architecture, or tuning of SOC tools)
    • Perform regular health checks, updates, and optimization of security agents to ensure maximum coverage and performance across all organizational assets
    • Develop and maintain documentation for security agent configurations, deployment procedures, and troubleshooting workflows to support operational continuity
  • Continuous Improvement & Strategic Activities
    • Participate in post-incident reviews and root cause analysis, documenting lessons learned to enhance response playbooks aligned with NIST 800-171/CMMC requirements
    • Contribute to the refinement of MSSP SLAs, escalation procedures, and operational runbooks
    • Generate compliance reports, executive briefings, and threat intelligence summaries for leadership and cross-functional teams (IT, Legal, Governance, Program Security)
    • Monitor and report on MSSP performance metrics, contributing to quarterly vendor reviews and integrating findings into risk management workflows
    • Identify gaps in security coverage and recommend process improvements
    • Participate in tabletop exercises and security drills to validate response capabilities
  • Collaboration & Knowledge Sharing
    • Integrate security findings into enterprise risk management workflows
    • Serve as security subject matter expert for internal projects and initiatives
    • Maintain currency with emerging threats, vulnerabilities, and security technologies relevant to the aerospace/defense sector

Qualifications

  • Must be a US Citizen with the ability to obtain a US Government security clearance
  • Bachelor's Degree in the following area(s): Cybersecurity, Information Technology, Computer Science, or related field, four additional years of experience can be substituted for a degree
  • Eight years of hands-on experience in cybersecurity operations, incident response, or security engineering roles
  • Experience with endpoint protection platforms
  • Experience with cloud security concepts and tools (Wiz, AWS security services, or similar)
  • Experience with SIEM platforms, log analysis, and security event correlation
  • Experience with NIST 800-171, CMMC, and DFARS cybersecurity requirements

Preferred Qualifications

  • Professional certifications such as CISSP, GCIH, GCFA, or CEH
  • Experience operating in aerospace, defense, or DoD/CMMC regulated environments
  • Scripting/automation skills (PowerShell, Python) for security operations tasks
  • Strong collaboration skills and ability to work effectively with cross-functional teams during complex security incidents
  • Experience with the M365 Security stack (Defender, Sentinel, MDC, Purview)
  • Experience with Tenable One
  • Experience with centralized enterprise logging
  • Experience with network security, including IDS/IPS, firewalls, and security architecture

Similar jobs

Cybersecurity Engineer

Chenega Security SBUChantilly, VA· 6 days ago
Information Technologyapply on chenega.jibeapply.com