Core one is seeking a Security Operations SME with operations room/center experience to join our growing Technical Advisory team. The Security Operations SME will be responsible for the standup of a new SOC capability, selection and deployment of effective and robust threat analysis tool suite and workflow. This individual would be expected to actively participate in SOC solution design and implementation and see it from concept to operation. The Security Operations SME would also initially lead threat investigations and provide expert support to incident response and monitoring functions.  

Responsibilities:

  • Deploying and monitoring intrusion detection systems, ingesting global security incident notifications, dispatching, and escalating in response to security alerts and notifications.
  • Manage email, phone communications, generate and/or manage trouble tickets, handle incoming chats, and provide technical support to customers.
  • Work with developers, IT, and other Information Security staff as needed to resolve security events and complete projects.
  • Investigate and resolve anomalies and events.
  • Assist with maintaining and enhancing the current security infrastructure.
  • Assist with network security evaluations and enhancements.
  • Perform analysis around cyber-events by conducting research; evaluating the effect and impacts generated by the event, developing, or recommending analytic approaches of solutions to problems with incomplete information.
  • Identification of cyber threats through common methodology
  • Coordination and communication with client and corporate technical staff to prepare assessment reports, briefing and action reports in response to identified security events, tailoring analysis, and options for the client operational environment.
  • Utilize multiple analytic tools, databases, and techniques to perform signal analysis and provide documented outcomes.
  • Provide feedback and drive continuous improvement of internal processes, products, and services.
  • Share information to improve the efficiency and response capabilities of the SOC organization and services.
  • Knowledge of web application assessments and penetration testing activities.
  • Evaluate emerging and available Information Security Technologies and make recommendations to better improve security on the networks.

Minimum Requirements:

  • An active TS level clearance 
  • At least 3 years’ experience working in security operations room/centers
  • Bachelor’s degree and/or 5+ years relevant experience in lieu of education
  • 4-7 years of hands-on experience in operational using SEIM, firewall, IDS/IPS, proxy, DLP, and/or virtualization tools in support of detection, response, mitigation, and/or reporting of cyber threats affecting systems and networks
  • Expertise with security event monitoring, analysis, and triage
  • Strong understanding of security principles such as attack frameworks, threat landscapes, attacker TTPs, etc.
  • Strong knowledge of network communications, routing protocols, regulatory standards and compliance requirements and common internet applications/standards
  • Familiarity with Linux/Windows/Mac Operating systems
  • Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
  • Some scripting or programming experience (e.g. C, C++, C#, Python, HTML, JavaScript, .NET)

Desired Skills/Experience:

  • Active TS/SCI w/ Poly clearance 
  • Current Technical Security certifications (i.e. CISSP, Certified Ethical Hacker, CCNA, CISM)
  • Splunk experience


About Core One 
Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation's most complex national security challenges.  In order to achieve our mission, Core One values people first and is comprised of outstanding professionals from the national security community.  Because Core One is committed to seeking top talent, we offer competitive compensation and benefits packages. In addition, Core One is a team-oriented, dynamic and growing company that values exceptional performance.

Core One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Apply for this Job

* Required
resume chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
Dropbox Google Drive
(File types: pdf, doc, docx, txt, rtf)
Cancel
When autocomplete results are available use up and down arrows to review
+ Add another education

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Core One’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.