SecOps Engineer

Spire

Washington, DC

JOB DETAILS
SALARY
$189,000–$225,000 Per Year
LOCATION
Washington, DC
POSTED
Today

About the Role

The Security Operations Engineer is responsible for operating the security controls that protect the company's enterprise, cloud, and mission systems, and for the technical response to security events across the environment. This role carries out the day-to-day execution of detection, investigation, vulnerability management, and cloud security posture work, and serves as a hands-on technical authority across the security tooling stack. The Security Operations Engineer partners closely with IT, infrastructure, engineering, and product teams to reduce risk, shorten time-to-detect and time-to-respond, and ensure that security controls function reliably in regulated and non-regulated environments alike. This is a deeply technical role requiring strong engineering fundamentals, incident response experience, and the judgment to make sound security decisions under pressure.

Key Responsibilities:

Detection, Monitoring & Response

  • Operate and continuously improve the company's Security Information and Event Management (SIEM) platform, including log source onboarding, parser and normalization maintenance, detection content development, and alert tuning to minimize false positives while preserving coverage.
  • Build and maintain detection rules mapped to adversary behaviors and develop corresponding response playbooks and automation.
  • Serve as a first responder and technical liaison for security incidents, including triage, containment, forensic collection, root cause analysis, and post-incident review; coordinate with IT, engineering, and legal stakeholders throughout the lifecycle.
  • Maintain incident response documentation, runbooks, and evidence-handling procedures suitable for regulated environments and contractual reporting obligations.

Vulnerability Management

  • Operate the vulnerability management lifecycle across endpoints, servers, containers, and cloud workloads, including scanning cadence, finding validation, prioritization, remediation tracking, and exception governance.
  • Partner with system owners and engineering teams to drive remediation within agreed service levels, and escalate aging or high-severity findings through defined risk channels.
  • Produce vulnerability posture reporting and trend analysis for technical and leadership audiences.

Cloud Security Posture Management

  • Operate Cloud Security Posture Management tooling across the company's cloud environments, including configuration baseline enforcement, drift detection, and continuous compliance monitoring against internal standards and applicable frameworks.
  • Investigate misconfigurations and risky resource states, coordinate remediation with cloud and platform teams, and contribute guardrails and preventive controls where appropriate.

Endpoint Security

  • Administer and tune endpoint detection and response (EDR) tooling across corporate and engineering fleets, including policy management, exclusion governance, telemetry quality, and response action workflows.
  • Investigate endpoint alerts and suspicious activity, and coordinate containment, isolation, and recovery actions with IT.

Identity, Access & Secrets

  • Support operational identity and access management activities, including privileged access monitoring, access review execution, anomaly investigation, and integration of identity telemetry into detection pipelines.
  • Partner with IT and engineering on secrets management hygiene, including monitoring for leaked or misused secrets and supporting remediation workflows.

Threat Intelligence

  • Consume, evaluate, and operationalize threat intelligence from commercial, open-source, and government sources; translate relevant intelligence into detections, hunts, and control recommendations.
  • Conduct periodic threat hunting across available telemetry based on current intelligence and environmental risk.

Data Loss Prevention

  • As capacity allows, support Data Loss Prevention (DLP) tooling operations, including policy tuning, alert triage, and coordination with data owners on sensitive data handling concerns.

Security Tooling

  • Act as a technical liaison for assigned security tools, including deployment, upgrade, integration, and health monitoring; author and maintain the integrations, scripts, and automation that connect security tooling into the broader engineering and IT ecosystem.
  • Evaluate new security technologies through proof-of-concept exercises and provide technical input into procurement and platform strategy decisions.

Required Qualifications:

  • Five or more years of progressive hands-on experience in security operations, detection engineering, incident response, or a closely related technical security discipline.
  • Demonstrated expertise operating a SIEM platform in production, including detection content authoring, data pipeline management, and tuning at scale.
  • Proven incident response experience, including acting as a technical lead during material security events from initial triage through post-incident review.
  • Strong working knowledge of cloud security in at least one major provider (AWS, Azure, or GCP), including native security services, identity constructs, and common misconfiguration patterns.
  • Practical experience with vulnerability management tooling and remediation workflows across mixed environments.
  • Solid scripting and automation skills in Python, PowerShell, or a comparable language, including integrating APIs across security and IT tools.
  • Familiarity with common detection engineering practices and established incident response frameworks.
  • Ability to communicate complex technical findings clearly in writing and to translate security risk for non-security audiences.
  • Bachelor's degree in Computer Science, Information Security, Engineering, or equivalent practical experience.

Preferred Qualifications:

  • Experience operating in environments subject to NIST SP 800-171, CMMC, FedRAMP, ISO 27001, or comparable regulated frameworks.
  • Hands-on experience with AWS GovCloud, Microsoft 365 GCC High, or other sovereign cloud environments.
  • Experience with EDR platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint at enterprise scale.
  • Experience with CSPM platforms such as Wiz, Prisma Cloud, Orca, or equivalents.
  • Detection engineering experience using Sigma, KQL, SPL, or similar query and rule languages.
  • Exposure to identity platforms such as Okta, Entra ID, or Ping, including their audit and telemetry surfaces.
  • Industry certifications such as GCIH, GCIA, GCFA, GCED, OSCP, or equivalent technical credentials.
  • Active US security clearance, or eligibility to obtain one.

 

Spire operates a hybrid work model, and this position will require you to work a minimum of three days per week in the office.

Access to US export-controlled software and/or technology may be required for this role. If needed, Spire will arrange the necessary licenses; this is not something candidates need to have before applying.

The anticipated base salary range for this position is listed below. Final base salary for this role will be based on the location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and disability coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire's Employee Stock Purchase Plan.

Salary Range
$189,000—$225,000 USD


Global Perks

  • Name Your Satellite Program (NYSP)
  • Launch Attendance
  • Generous Time Off Policy
  • Education Assistance Program
  • Employee Assistance Program (EAP)
  • Employee Stock Purchase Program (ESPP)
  • Family Leave
  • Fitness Reimbursement
  • Employee Referral Program
  • Healthy snacks & beverages in every office

About Spire

We improve life on Earth with data from space.

Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire's data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.



Spire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status.

To help maintain a safe and secure workplace for Spire employees, all candidates who receive a conditional offer will be required to complete a background check. This may include criminal history and employment verification.

Please take a moment to review Spire's Global Data Privacy Notice for Employees, Contractors, Candidates and Visitors, as well as Spire's Privacy Policy.



Kindly be advised that communication regarding your application may come from @spire.com, @recruiting.spire.com, or from Candidate.fyi (our scheduling tool).

