Senior Security Operations Engineer

About this role

### Location: Remote (US-based)

### About Dispel:

Dispel is the fastest-growing cybersecurity company recognized in the 2025 Cybersecurity Excellence Awards. We deliver zero trust secure remote access and real-time data streaming for operational technology (OT) and industrial control systems (ICS). Our patented Moving Target Defense technology — referenced in NIST 800-172 — protects critical infrastructure for utilities serving 54 million+ people, manufacturers producing over 50% of US baby formula, and major defense contracts including a $950M IDIQ with the US Air Force.

### Why This Role Exists:

Dispel is pursuing FedRAMP High authorization while simultaneously operating a commercial security program. We have a functioning SOC built on Google SecOps (Chronicle) and SentinelOne, but we need a senior IC who can take it from "stood up" to "operationally mature." Today our SIEM ingests approximately 35% of total log sources. Our federal environment is at 75% coverage; commercial AWS sits at 30%; Azure and Entra ID are at 0%. Our MSSP recently transitioned and needs an internal technical owner to drive accountability. Our detection library, SOAR playbooks, and vulnerability dashboards are in draft or partially built.

This person will be the day-to-day technical owner of SOC operations, responsible for closing coverage gaps, building detections, maturing incident response, and providing senior technical direction to the existing SOC analyst. This is a hands-on-keyboard role with leadership expectations — you will not formally manage people, but you will set priorities, review deliverables, and drive execution across the SOC function.

### Requirements

### Key Responsibilities:

SIEM/SOAR Operations (Google SecOps)

• Own the log ingestion pipeline end-to-end: identify gaps, build feeds, validate parsing, maintain coverage dashboards
• Close the federal logging gap from 75% to 95%+ and stand up commercial logging from 30% to 85%+ across AWS, Azure, ...