Security Operations Engineer

Your Impact The Security Operations (SecOps) Engineer is responsible for monitoring, detecting, investigating, and responding to cybersecurity threats across the organization’s systems, networks, and cloud environments. This role operates and continuously improves security monitoring and response technologies, supports incident response and resilience planning, and ensures operational security controls are effective and measurable. The position is accountable for timely threat detection, effective incident containment, and continuous improvement of the organization’s security posture. About CivicPlus At CivicPlus, we strive to bring our company vision to life through innovation and collaboration. Supported by approachable leadership and transparent communication, we're empowered to make an impact on local government and the residents they serve. Grow your career alongside great people, where authenticity is welcome, successes are celebrated, and potential is nurtured. What You’ll Do As a SecOps Engineer you will:

• Configure, administer, and continuously tune security technologies to support prevention, detection, response, and recovery capabilities, including SIEM, EDR, IDS/IPS, WAF, vulnerability scanning tools, and cloud security platforms.
• Monitor security logs, alerts, and telemetry across on-premises and cloud environments; analyze anomalous activity and escalate or respond in accordance with established procedures.
• Investigate and respond to security alerts and incidents in production environments, performing threat hunting, root cause analysis, containment, eradication, and recovery activities.
• Maintain, update, and test incident response playbooks and procedures aligned with modern cybersecurity frameworks (including NIST 800-61); document lessons learned and implement improvements.
• Define, track, and report operational security metrics, including alert trends, incident volumes, response times, and control effectiveness.
• Support internal and external security audits and compliance assessments by providing operational evidence, incident documentation, and control validation artifacts.
• Support backup, recovery, and system resilience capabilities as part of information system contingency and business continuity planning.
• Collaborate cross-functionally with Engineering, IT, Cloud Operations, and Compliance teams to remediate vulnerabilities, strengthen security controls, and improve detection coverage.
• Develop and maintain clear, accurate documentation of security configurations, processes, investigations, and system changes to support knowledge sharing and operational continuity.
• Other duties as assigned by leadership.

What We’re Looking For We know that excellent candidates come from diverse backgrounds. Even if you don’t meet 100% of the listed requirements, we encourage you to apply! Preferred Qualifications: Education

• Bachelor’s degree in Computer Science, Cybersecurity, Information Security, Information Systems, or a related field (preferred).
• Equivalent work experience may be considered in lieu of a degree.

Certifications

• Security+, Network+, or equivalent (required).
• CySA+, GCIA, GCED, or equivalent (preferred).

Experience

• 3–7 years of experience in security operations, incident response, defensive security, or a related field.
• Experience coordinating and responding to security incidents in production environments.
• Experience working with SaaS or cloud-native security technologies and platforms.

General Skills

• Strong understanding of security operations, incident response methodologies, and defensive security controls.
• Demonstrated ability to analyze security threats and respond effectively under time-sensitive and high-pressure conditions.
• Hands-on experience administering and supporting security technologies (SIEM, EDR, IDS/IPS, WAF, and related platforms).
• Strong analytical, problem-solving, and documentation skills.
• Ability to communicate technical findings clearly to technical and non-technical stakeholders.

Why CivicPlus? This role offers:

• Protect critical public services. Help safeguard the technology that powers local governments and the communities they serve.
• Work across modern security environments. Monitor and respond to threats across cloud, SaaS, and on-prem systems using industry-leading security tools.
• Own real security outcomes. Investigate incidents, hunt threats, and continuously strengthen CivicPlus’ security posture.
• Collaborate with strong technical partners. Work closely with engineering, cloud, and compliance teams to build resilient and secure systems.

Compensation and Benefits

• Estimated Salary Grade Range: $61,700 – $87,600
• The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience and is based on a 40-hour work week.
• Benefits: Comprehensive health insurance, dental insurance, vision insurance, Flexible Time Off, 401(k) plan, and more.

Our Hiring Process

• Introductory call with Talent Acquisition
• Interview with the Hiring Manager
• Panel Interview with CivicPlus team members, including an interview project activity
• Offer

Note: The process may vary slightly depending on the role. Additional Information

• CivicPlus is currently unable to provide visa sponsorship for this position now or in the future. Applicants must be authorized to work in the US.
• We encourage you to apply as soon as possible, as applications will be reviewed on a rolling basis, and the posting may close earlier at the discretion of the Talent Acquisition team

Equal Opportunity Commitment CivicPlus is proud to be an Equal Employment Opportunity employer. We celebrate and support diversity for the benefit of our employees, products, clients, and communities. Reasonable accommodations are available during the interview process. Apply tot his job Apply To this Job