Cybersecurity Contractor – SIEM, SOC, and Incident Response Support

Project Overview

The selected contractor will support key cybersecurity initiatives including SIEM operations, automation, incident response processes, and integration of security tools. This role is critical to advancing our security operations and maturity.

Highlighted Requirements

• 2+ years of SIEM experience, preferably with Azure Sentinel and Kusto Query Language (KQL)
• Multi-year, direct experience in Incident Response, ideally in an Incident Response Team or MSSP setting for medium to large organizations
• Practical experience with tools within the Microsoft security stack

Key Skills

• Cyber Incident Response
• KQL – Deep understanding and hands-on experience
• SOC Analyst / Operations – Level 1, 2, and 3 (Triage, Escalation)
• SIEM Administration – Managing, maintaining, creating custom detections/logging
• SentinelOne – In-depth knowledge for incident handling, hunting, queries, and detections
• Linux Administration – Comfortable with navigation, configuration, and server management
• Microsoft Cloud Security Tools – Understanding of architecture and platform use

Additional Skills

• Data analysis and reporting

Education

• Required: High School diploma or GED equivalent
• Preferred: Bachelor’s degree or currently pursuing a degree in Information Systems, Information Assurance, Cybersecurity, IT, Computer Science, or a related field

Certifications

• Required/Preferred:
  • CompTIA Security+
  • CompTIA Network+
  • Other relevant industry certifications

Experience

• Minimum of 5 years of progressive work experience in Information Security, IT, Computer Science, or a related field

Role and Responsibilities

• Contribute to the development of cybersecurity strategies, objectives, and project plans
• Assist with design and implementation of improved cybersecurity processes and services
• Administer and maintain cybersecurity technology platforms for the Elections Administrative Department and the Harris County enclave
• Fulfill customer requests and support daily security operations, including incident monitoring, analysis, and response
• Analyze cybersecurity threats and vulnerabilities and develop appropriate mitigation strategies
• Create documentation including procedures, job aids, reports, metrics, and presentations
• Participate in Cybersecurity Incident Response Team (CIRT) investigations and activities

Scheduled Milestones & Deliverables

• Enhance maturity of SIEM, SOC, and Incident Response processes
• Integrate automation best practices
• Improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)

Performance Metrics

• Completion of projects related to SIEM and other security platforms (e.g., incidents, alerts, tickets)
• Availability and uptime of systems
• SOC effectiveness
• Compliance with defined processes and procedures