
Job ID: JOB_ID_9410

Job Overview:

We are seeking an experienced Infrastructure Project Manager to join our team for a long-term contract role in Boston, MA. This position requires 3 days a week onsite presence. The ideal candidate will have a strong background in security operations, incident response, and security engineering, with a focus on cloud environments, particularly GCP. You will be responsible for implementing, configuring, and maintaining Google SecOps (Chronicle SIEM + SOAR), owning the platform configuration end-to-end, and developing detection as code practices.

Key Responsibilities:

  • Implement, configure, and maintain Google SecOps (Chronicle SIEM + SOAR).
  • Own SecOps platform configuration end-to-end: data sources, parsers, correlation rules, enrichments, user/role configuration, and integration with ticketing/ITSM and messaging tools.
  • Design and implement detection as code: manage SIEM detections, correlation rules, and content in version control (e.g., Git), using code-driven workflows, reviews, and CI/CD where applicable.
  • Develop, tune, and maintain reusable detection logic, including rule templates, mappings to MITRE ATT&CK, and test cases for validating new and updated detections.
  • Create, maintain, and optimize automation playbooks in SOAR for common and complex use cases (phishing triage, suspicious login, malware, data exfiltration, privilege escalation, cloud misconfigurations).
  • Continuously improve automation coverage and quality by identifying manual tasks, converting them into playbooks, and measuring playbook performance (MTTR, auto-resolution rate, false positives).
  • Onboard and normalize security telemetry from GCP, SaaS platforms, endpoints, network devices, and identity providers into Google SecOps, including parser/taxonomy tuning.
  • Own L2 triage of security alerts: validate, correlate, and prioritize events escalated by L1, and perform deep-dive investigations using Chronicle search, pivots, and threat intelligence.
  • Lead or participate in incident response: containment, eradication, recovery, documentation, and post-incident review; feed lessons learned back into detections and automation playbooks.
  • Contribute to proactive threat hunting based on hypotheses, IOCs, TTPs, and threat intel feeds, and codify successful hunts into reusable detections and automated workflows.
  • Act as stand-in on-call support one week per month for major escalations.
  • Monitor platform health and data quality for Google SecOps (log gaps, parsing errors, latency, ingestion failures) and drive resolution with engineering/ops teams.
  • Document runbooks, SOPs, detection and playbook catalogs, and knowledge articles to enable L1 teams and ensure consistent service delivery.

Required Skills and Experience:

  • 3-5 years of experience in Security Operations (SOC), Incident Response, or Security Engineering, including hands-on work in cloud environments (preferably GCP).
  • Strong experience with SIEM/SOAR platforms; direct experience with Google SecOps / Chronicle SIEM + SOAR is highly preferred.
  • Proven experience implementing detection-as-code practices: managing rules/content, using branching, code review, and testing approaches for detections and playbooks.
  • Experience designing and maintaining automation playbooks in SOAR tools, including integrations (REST APIs, webhooks, custom connectors) and error-handling strategies.
  • Good understanding of security concepts and services: IAM, VPC, firewall rules, Cloud DNS, Cloud Storage, Load Balancing, Security Command Center, Cloud Logs, and Monitoring.
  • Solid knowledge of network and security fundamentals: TCP/IP, DNS, VPNs, proxies, IDS/IPS, WAF, EDR, authentication and authorization, encryption, and common attack techniques.
  • Demonstrated experience in incident handling, threat analysis, and root cause analysis across endpoints, identities, and cloud workloads.
  • Scripting or automation skills (e.g., Python, Bash, YAML, or similar) to build integrations, detections, and SOAR workflows, and to support CI/CD for SecOps content.
  • Familiarity with security frameworks and standards (MITRE ATT&CK, NIST, CIS, SOC 2, PCI DSS, ISO 27001) and how they map to detections and controls.
  • Strong analytical and troubleshooting skills, with the ability to work independently in an L2 capacity and mentor L1 analysts.
  • Excellent written and verbal communication skills for working with US-based stakeholders and documenting technical content.

Good To Have/Preferred:

  • Google Cloud Professional Security Operations Engineer or Professional Cloud Security Engineer certification.
  • Prior experience working with US enterprises, MSSP environments, or 24×7 global SOCs.

Special Requirements:

3 days a week onsite. On-call support one week per month.

Compensation & Location

Salary: $100,000 – $150,000 per year (Estimated)

Location: Boston, MA
Recruiter / Company – Contact Information

Email: hul@nusofttek.com
