Posted Apr 23, 2026

Google Security Operations (SecOps) Engineer

The Nitty Gritty:
• Contract: 12 months
• Location: If local to San Antonio (onsite) or fully Remote
• Travel: May be required if not local to visit San Antonio - once or twice during the year.

Overview:
Google Security Operations (SecOps) Engineer to support client in a full-time staff augmentation capacity. The Google SecOps platform has been deployed but is early in its operational maturity. This role will provide hands-on administration, optimization, and subject matter expertise to help the client improve platform usability, data ingestion, detection fidelity, and overall SOC effectiveness. The ideal candidate is a self-directed security operations professional with a strong threat hunting mindset who can operate independently while collaborating across security, IT, and engineering teams.

Key Responsibilities:

Platform Administration & Ownership
• Serve as the primary operator and SME for the Google SecOps platform
• Monitor platform health, ingestion pipelines, and data flow
• Maintain and optimize UDM mappings, parsers, and connectors
• Troubleshoot ingestion and normalization issues
• Support case management workflows and automation

Detection Engineering & Threat Hunting
• Develop, tune, and maintain detection rules and analytics
• Perform proactive threat hunting across enterprise telemetry
• Reduce false positives and improve alert fidelity
• Leverage threat intelligence for enrichment and correlation
• Build dashboards and operational metrics

Data Onboarding & Pipeline Expansion
• Onboard and normalize new log sources across IT (and OT where applicable)
• Validate telemetry coverage and identify visibility gaps
• Partner with infrastructure and application teams to expand logging
• Improve enrichment and correlation quality
• Optimize ingestion pipelines for performance and scale

SOC Enablement & Collaboration
• Partner with SOC analysts to improve workflows and usability
• Provide mentoring and knowledge transfer to junior staff
• Document runbooks, standards, and operational procedures
• Support incident investigations when required
• Communicate technical findings to stakeholders

Continuous Improvement
• Identify platform maturity gaps and improvement opportunities
• Recommend and implement automation use cases
• Establish operational best practices
• Support roadmap development for SecOps growth
• Measure and report on platform effectiveness

Required Qualifications

Experience
• 5+ years in Security Operations, SIEM engineering, or detection engineering
• Hands-on experience with Google SecOps / Chronicle
• Experience working within SOC or Incident Response environments
• Strong background onboarding and normalizing log sources
• Experience tuning detections and reducing alert noise
• Proven ability to work independently in client environments

Technical Skills
• UDM and parser tuning
• Detection rule development
• Log ingestion pipelines
• SOAR / automation workflows
• Threat intelligence integration
• Query development and data analysis
• Cloud telemetry (GCP, AWS, or Azure)

PDS and Pellera Technologies offers equal opportunity to employees and applicants regardless of race, color, creed, sex, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation or any other consideration made unlawful by federal, state, or local laws. PDS and Converge Technology Solutions does not accept unsolicited resumes from third-party vendors associated with fees.

Job Types: Full-time, Contract

Pay: $70.00 - $80.00 per hour

Benefits:
• Dental insurance
• Health insurance
• Life insurance
• Vision insurance

Work Location: Remote