Security Analyst - IN PERSON

The IT Security Expert / Security Engineer serves as the organization’s senior technical authority for security engineering, detection architecture, and operational security tooling. This role is responsible for designing, implementing, integrating, and tuning security technologies across enterprise, cloud, and operational environments to ensure effective threat detection, response, and resilience.

The role operates independently with significant technical authority and is accountable for defining security engineering standards, integrating department-specific data sources into SOC platforms, and ensuring consistent detection and response capabilities across environments.

Key Responsibilities

Security Architecture and Engineering Ownership

• Define, maintain, and govern enterprise security engineering architecture standards.
• Own detection and response architecture design across IT, cloud, and operational environments.
• Establish technical standards for SIEM, SOAR, EDR, firewall, and IPS implementations.
• Serve as the primary technical authority for security engineering and detection architecture.

SOC and Platform Integration

• Facilitate department-specific system feeds into SOC SIEM and SOAR platforms.
• Design and manage log ingestion, normalization, enrichment, and correlation pipelines.
• Ensure telemetry coverage across endpoints, servers, networks, cloud platforms, and applications.
• Support automated response workflows and playbook development.

Endpoint, Network, and Perimeter Security

• Implement, manage, and tune endpoint protection and detection platforms.
• Design, implement, and maintain IPS and firewall rule sets.
• Integrate network, endpoint, and identity telemetry into unified detection workflows.
• Continuously tune controls to reduce false positives and improve detection fidelity.

Threat Detection and Response Enablement

• Integrate threat intelligence into detection and response workflows.
• Engineer detection logic for advanced threats across multiple environments.
• Support incident response through forensic data access, validation, and root cause analysis.
• Ensure detection capabilities align with real-world attacker techniques.

Standards, Documentation, and Governance

• Document security engineering standards, architectures, procedures, and integration patterns.
• Contribute to enterprise security governance and technical review forums.
• Ensure alignment with regulatory and framework requirements including CJIS, NIST 800-53, and NIST CSF.

Cross-Environment Integration

• Support integration across enterprise IT, cloud, and operational / production environments.
• Collaborate with infrastructure, application, and operations teams to ensure consistent security coverage.
• Ensure security engineering solutions scale across diverse municipal and departmental systems.

Required Qualifications

Education

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Network Engineering, or a closely related field.
• Associate degree with substantial hands-on experience or relevant certifications may be considered, particularly in smaller or resource-constrained environments.
• Master’s degree in Cybersecurity, Engineering, or Systems Architecture is preferred.
• Equivalent combinations of education and experience will be considered.

Experience

• 3 to 7 years of hands-on experience in security engineering, network engineering, or systems administration with a security focus.
• 1 to 3 years of experience implementing, integrating, and tuning security tools including SIEM, SOAR, EDR, firewalls, and IPS platforms.
• Demonstrated experience integrating security telemetry across multiple environments.
• Working knowledge of CJIS, NIST 800-53, and NIST Cybersecurity Framework (CSF).

Core Competencies

• Security detection architecture design
• SIEM and SOAR engineering and integration
• Endpoint and network security engineering
• Threat detection and response engineering
• Security tool tuning and optimization
• Technical documentation and standards development
• Cross-environment integration
• Independent technical problem solving

Preferred Experience

• Experience in public sector, municipal, or regulated environments
• Experience supporting SOC operations and incident response teams
• Experience with cloud security engineering and integrations
• Experience with OT / ICS or production environment security integration
• Experience serving as a senior technical authority or subject matter expert

Role Positioning

This position reflects Mercer role ITC.07.001.P50 and is designed as a senior professional expert role. The IT Security Expert / Security Engineer operates with significant independence, technical authority, and responsibility for enterprise security engineering design, integration, and operational effectiveness.

U.S. citizenship is required for this role. If you are not a citizen, please do not apply.

Job Type: Contract

Pay: $95,000.00 - $125,000.00 per year

Application Question(s):

• Are you a United States citizen?

Experience:

• Security engineering: 3 years (Required)

Location:

• Houston, TX 77002 (Preferred)

Ability to Commute:

• Houston, TX 77002 (Required)

Work Location: In person