Engineer - IT Security

Job Family:

Travel Required:

Clearance Required:

What You Will Do:

• Monitor security events and alerts across SIEM, EDR, IDS/IPS, firewalls, endpoint tools, and other security platforms in real-time
• Perform initial triage of alerts to identify false positives vs. genuine security incidents
• Execute predefined runbooks and standard operating procedures (SOPs) for common alert types
• Document all alerts, investigations, and actions in the incident ticketing system with clear, concise notes
• Escalate confirmed or high-priority incidents to Level 2 analysts with appropriate context and supporting evidence
• Analyze basic logs, network traffic, and indicators of compromise (IOCs) under guidance
• Assist with maintaining and tuning detection rules and monitoring dashboards (with supervision)
• Participate in shift handovers, team briefings, and continuous improvement discussions
• Stay current on emerging threats, basic attack techniques, and SOC tooling through on-the-job learning and training
• Clear career progression path: Level 1 → Level 2 → Level 3 / Incident Responder

What You Will Need:

• Must have a bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
• Minimum 1 year of experience in IT, cybersecurity, or a related field 
• Strong interest in cybersecurity and willingness to learn in a fast-paced, 24/7 environment
• Basic understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, ports/protocols)
• Familiarity with common security concepts: malware, phishing, brute force, privilege escalation, etc
• Ability to read and interpret logs and alerts (prior SIEM exposure is a plus but not required)
• Excellent written and verbal communication skills for clear incident documentation and escalation
• Strong attention to detail and ability to work methodically under time pressure
• Comfortable working rotating shifts (including nights/weekends)

What Would Be Nice To Have:

• Exposure to CompTIA Security+ (or equivalent entry-level certification like CySA+, Network+, Google Cybersecurity Certificate)
• Exposure to SIEM platforms (Splunk, Elastic, Microsoft Sentinel, QRadar, etc.)
• Basic scripting knowledge (PowerShell, Python, or similar) for log querying or automation
• Experience with EDR tools (ReliaQuest/Greymatter, Microsoft Defender, SentinelOne, CrowdStrike, etc.)
• Understanding of MITRE ATT&CK framework basics
• Excellent communication skills, with strong verbal and writing proficiencies
• Ability to positively influence and persuade individuals of varying levels
• Demonstrated ability to learn and document new technologies/solutions
• Strong work ethic with commitment and time management skills
• Ability to exercise judgement within procedures and practices to determine appropriate action
• Ability to manage and prioritize multiple work requirements to meet deadlines
• Ability to work independently and in a team environment
• Good planning, commitment, and time-keeping skills
• Excellent Planning, Reasoning, Analytical and problem-solving skills
• Prior experience in working as part of a multi-national corporation with diverse and geographically dispersed team
• A proactive customer centric approach and excellent learning skills

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

About Guidehouse

Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or guidehouse@myworkday.com.  Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse.  Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse’s Ethics Hotline. If you want to check the validity of correspondence you have received, please contact recruiting@guidehouse.com. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant’s dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.