Security Operations Engineer

We are seeking an experienced Network Security Engineer for a hybrid contract opportunity in San Antonio, Texas.

• Engineer, maintain, and tune SIEM platforms (Google SecOps, Gravwell), including correlation rules, dashboards, enrichment logic, and detection content.
• Configure, tune, and optimize IDS/IPS technologies (Corelight, Tipping Point, Cisco Firepower), including signature development and false-positive reduction.
• Perform packet capture (pcap) analysis to validate alerts, identify malicious traffic, and support investigations using Netwitness or Corelight.
• Conduct network traffic analysis to detect anomalies, lateral movement, and command‑and‑control activity.
• Strong understanding of network security architecture, including distributed sensors (Corelight), packet capture systems (NetWitness), and log pipelines (CRIBL, Gravwell, Google SecOps).
• Operationalize threat intelligence feeds within SOC platforms and c...