Full-Time AWS GovCloud Security Operations Engineer

AWS GovCloud Security Operations Engineer (EDR & SOAR)

• We are seeking a highly skilled Security Operations Engineer to join our team supporting a secure
• AWS GovCloud environment. The ideal candidate will possess extensive expertise in Endpoint
• Detection and Response (EDR) and Security Orchestration, Automation, and Response (SOAR)
• solutions, specifically with CrowdStrike and ThreatConnect. This role will be responsible for the
• configuration, management, and optimization of these security tools to ensure effective threat
• detection, response, and mitigation within a highly regulated cloud environment.

Key Responsibilities:

• Manage and maintain the CrowdStrike environment, including configuration of policies, tuning, and ensuring optimal security posture within AWS GovCloud.
• Develop and deploy ThreatConnect playbooks to automate threat detection, investigation, and response workflows.
• Support the design, implementation, and continuous improvement of EDR and SOAR integrations within AWS GovCloud, adhering to strict compliance and security requirements.
• Collaborate with SOC, CSIRT, and security engineering teams to develop and refine incident response processes and playbooks for automated and manual response.
• Conduct regular assessments to validate the effectiveness of CrowdStrike configurations and ThreatConnect playbooks, adjusting as necessary to improve threat coverage and minimize response time.
• Monitor, troubleshoot, and resolve issues related to EDR and SOAR tools within AWS GovCloud, ensuring high availability and performance.
• Stay up-to-date with AWS GovCloud-specific compliance mandates and ensure that security practices align with federal and industry standards.

Requirements:

Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or a

related field; or equivalent experience.

Experience:

• Minimum of 3-5 years of hands-on experience with CrowdStrike in enterprise environments, with
• demonstrated expertise in policy configuration and fine-tuning.
• Proficiency in ThreatConnect with proven experience building and deploying playbooks for
• automated threat detection and response.
• Experience working in AWS GovCloud environments and understanding of related compliance requirements (e.g., FedRAMP, ITAR).

Technical Skills:

• Deep knowledge of CrowdStrike configurations, policies, and threat intelligence features.
• Advanced proficiency in ThreatConnect playbook development and automation processes.
• Familiarity with AWS security and compliance tools, as well as cloud-native security practices.

Preferred Qualifications:

• Relevant certifications, such as AWS Certified Security, CrowdStrike Certified Falcon Responder (CCFR), or ThreatConnect Specialist certifications.
• Strong scripting skills (e.g., Python, PowerShell) for playbook customization and automation.
• Familiarity with other SOAR platforms, SIEM tools, or security frameworks used in cloud and hybrid environments.

Additional Attributes:

• Excellent problem-solving skills and the ability to work independently in a dynamic and complex environment.
• Strong communication and documentation skills to convey technical concepts to both technical and non-technical stakeholders.
• Collaborative mindset with experience in cross-functional teamwork within a security-focused environment.