Security Operations Engineer
New York, NY
Type: Contract-to-Hire
Category: Security
Industry: Financial Services
Reference ID: JN -032026-106194
Date Posted: 03/30/2026
Shortcut: http://careers.eliassen.com/lbzmVY
Description
Recommended Jobs
Description:
Hybrid 4 in either New York, NY or Pittsburgh, PA
The organization seeks a Security Operations Engineer to strengthen and operate a FedRAMP-aligned Azure environment using native Microsoft security tooling. The role will design detections, run incident response, and drive continuous monitoring with audit-ready evidence across NIST SP 800-53 control families. The engineer will collaborate with cloud engineering, platform teams, and compliance stakeholders to sustain authorization and operational excellence. The position requires proficiency with Microsoft Sentinel, Defender for Cloud, Azure Policy, Entra ID, and KQL.
This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.
Rate: $84.00 to $94.00/hr. w2
Responsibilities:
Design, implement, and tune detections in Microsoft Sentinel, including analytic rules, workbooks, watchlists, and automation with Logic Apps and Playbooks.
Build incident response runbooks and orchestration for triage, enrichment, and response using Sentinel automation.
Maintain log onboarding pipelines, data connectors, and normalization in Log Analytics to ensure coverage for in-scope resources.
Conduct daily SecOps functions including alert triage, investigation, threat hunting, containment, and post-incident reviews.
Leverage Defender for Cloud, Defender for Cloud Apps, Entra ID Protection, and Microsoft Defender XDR signals to correlate and respond to threats.
Document evidence and maintain audit-ready case records, contributing to POA&M entries and corrective actions.
Manage misconfigurations and control enforcement using Defender for Cloud recommendations, Secure Score, and Azure Policy.
Partner with platform engineering to remediate vulnerabilities and configuration drift, tracking closures against FedRAMP timelines.
Maintain baseline guardrails via Azure Policy and Blueprints and monitor compliance and exceptions with Continuous Monitoring reporting.
Implement and support least-privilege patterns with Entra ID, PIM, Conditional Access, RBAC, and managed identities.
Coordinate FIPS 140-2 validated cryptography usage with Key Vault and ensure encryption standards at rest and in transit are met and evidenced.
Operate Azure Firewall, NSGs, Private Link, and DDoS Protection and monitor and remediate anomalies.
Ensure logging and telemetry for network controls are complete, retained, and queryable within Sentinel.
Produce monthly and quarterly Continuous Monitoring artifacts and maintain supporting evidence.
Update detection coverage maps, control implementation narratives, and operational runbooks as environment changes occur.
Collaborate with compliance and assessors, support interviews, evidence collection, and remediation tracking.
Embed security checks into CI/CD pipelines using native integrations and support policy compliance and validation.
Enforce disciplined change processes and ensure changes are reflected in the SSP, control evidence, and detections.
Experience Requirements:
5+ years in security operations engineering or incident response, including 2+ years operating native Microsoft security tooling in Azure.
Hands-on experience building and tuning Microsoft Sentinel detections and automating response with Logic Apps and Playbooks.
Practical knowledge of FedRAMP Moderate or High baselines and NIST SP 800-53 control families relevant to operations, including AC, AU, CM, IR, RA, SC, and SI.
Proficiency with Defender for Cloud, Azure Policy, Entra ID including PIM and Conditional Access, Key Vault, Azure Monitor, and Log Analytics.
Strong incident response skills across triage, investigation, containment, and post-incident documentation with audit-quality evidence.
Experience operating vulnerability and misconfiguration management workflows and meeting remediation SLAs aligned to FedRAMP timelines.
Scripting and automation familiarity using KQL for Sentinel and PowerShell, with ARM, Bicep, or Terraform basics.
Excellent documentation and communication skills for playbooks, evidence packages, and stakeholder updates.
Experience with Azure Government or GCC High environments (preferred).
Prior contributions to FedRAMP Continuous Monitoring reporting and POA&M lifecycle management (preferred).
Experience aligning native controls and detections to payment or mission-critical workload risk profiles (preferred).
Familiarity with Microsoft Purview, Defender for Cloud Apps, Entra ID Protection, and Private Link patterns (preferred).
Certifications such as AZ-500, SC-200, CISSP, or CCSP (preferred).
Education Requirements:
Relevant professional certifications such as AZ-500 Azure Security Engineer Associate (preferred).
SC-200 Microsoft Security Operations Analyst (preferred).
CISSP or CCSP certification (preferred).
Recruitment Transparency Notice
Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( noreply@eliassen.com , 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:
· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.
· Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.
If you have any indication of fraudulent activity, please contact fraud@eliassen.com _.
About Eliassen Group:
Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients' capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.
Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.
Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!_
