Security System Administrator – Lead

Full-time
Hybrid, Washington, DC
USA - Must Work EST (8:30AM - 5:30PM)
U.S. Citizen

Primary Purpose and Goal of Role  

 The Security System Administrator – Lead is responsible for designing and standardizing Security Operations Center (SOC) capabilities, including processes, workflows, playbooks, and tooling standards. This role focuses on developing and maturing Tier 1 and Tier 2 SOC operational models, ensuring detection, triage, and response procedures meet organizational and compliance requirements. Rather than performing routine monitoring, the position leads the establishment, readiness, and transition of SOC operations to steady-state execution, collaborating with engineering, compliance, and SOC teams to maintain consistent and scalable security across environments.  

Responsibilities

  • Design and define SOC operating models, including escalation paths, roles, and responsibilities across Tier 1 and Tier 2 functions   
  • Develop and maintain SOC workflows, playbooks, standard operating procedures (SOPs), and runbooks to support detection and response activities.  
  • Establish alert triage criteria, investigation workflows, and response standards for security events   
  • Define and oversee configuration standards for SIEM, SOAR, and Endpoint Detection & Response (EDR) platforms  
  • Support and lead SOC readiness reviews, validation exercises, and operational assessments to ensure effectiveness of processes and tooling  
  • Develop and execute transition plans from implementation to steady-state SOC operations, ensuring operational continuity   
  • Collaborate with Security Engineers, Threat Detection teams, and Compliance stakeholders to align SOC processes with enterprise security requirements    
  • Ensure all SOC processes and tooling configurations align with applicable security frameworks and operational standards 

REQUIREMENTS

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field  
  • 6–9+ years of experience in Security Operations, SOC Engineering, or Security Administration, with demonstrated leadership responsibilities 
  • Experience designing and implementing SOC processes, workflows, and operational models  
  • Hands-on knowledge of SIEM, SOAR, and EDR platforms, including configuration and operational standards  
  • Experience defining alert triage, incident investigation, and response procedures  
  • Familiarity with security operations frameworks and best practices in detection and response   
  • Experience supporting SOC stand-up, transformation, or maturity initiatives is highly desirable   
  • Strong documentation and process development skills, with the ability to create structured operational content
  • Excellent collaboration and communication skills across technical and non-technical stakeholders
  • Must be a U.S. Citizen and eligible to support federal contracting environments   
Quzara LLC is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring based on sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law. 

Join Our Cyber Team!

Working for Quzara means being part of a team driven by innovation and dedication where we rise together.