Sr. Security Operations Engineer

OpenGov is the leader in AI and ERP solutions for local and state governments in the U.S. More than 2,000 cities, counties, state agencies, school districts, and special districts rely on the OpenGov Public Service Platform to operate efficiently, adapt to change, and strengthen the public trust. Category-leading products include enterprise asset management, procurement and contract management, accounting and budgeting, billing and revenue management, permitting and licensing, and transparency and open data. These solutions come together in the OpenGov ERP, allowing public sector organizations to focus on priorities and deliver maximum ROI with every dollar and decision in sync. Learn about OpenGov's mission to power more effective and accountable government and the vision of high-performance government for every community at OpenGov.com.

Summary

The Senior Security Operations Engineer is a hands-on technical expert who strengthens, maintains, and evolves the company's security monitoring, detection, response, and operational resilience. This role works across Security, Infrastructure, DevOps, and Product Engineering to enhance visibility, reduce risk, and operationalize defenses at scale. The ideal candidate has deep experience in cloud-native detection engineering, modern security tooling, incident response, and building automation that reduces manual workload while improving precision and speed.

Key Responsibilities

Develop, tune, and maintain detections across SIEM, EDR, cloud-native logs, WAF and SaaS platforms to reduce noise and improve true positive rates.

Partner with cloud / infrastructure teams to ensure comprehensive log coverage across AWS, Kubernetes, CI / CD pipelines, and core services.

Build detection-as-code and automated response playbooks to improve scalability and consistency.

Conduct proactive threat hunts based on threat intel, anomalous behavior, and TTPs used by modern threat actors.

Analyze incidents, suspicious activity, malware, and exploits to determine impact and prevent recurrence.

Lead deep dives into emerging threats, supply-chain risks, and vulnerabilities affecting the environment.

Serve as a senior escalation point during real-time incidents, leading technical triage, containment, and forensic analysis.

Develop and maintain incident response runbooks, tabletop exercises, and after-action reviews.

Partner with AppSec, IT, and Engineering to drive durable remediation and process improvements.

Administer and optimize security platforms including SIEM, EDR, SOAR, WAF, cloud security tooling (GuardDuty, CloudTrail, Config), vulnerability management, and identity security.

Build scripts, workflows, and integrations that automate repetitive tasks and strengthen OpsGenie / PagerDuty-driven response processes.

Evaluate new technologies to enhance the security operations stack and reduce time-to-detect / time-to-respond.

Support the scanning, triage, and remediation of vulnerabilities across cloud, endpoints, containers, and third-party SaaS tools.

Develop dashboards and metrics (MTTD / MTTR, coverage, SLA adherence, threat trends) for leadership reporting.

Ensure configuration baselines are enforced and monitored across the environment.

Collaborate with Engineering and IT to enable secure cloud, IAM, and network designs.

Provide Tier 3 support during escalations from the SOC analysts and ensure clarity in ownership and response actions.

Contribute to policy, standard, and procedure development to align with SOC 2, GovRAMP, and NIST requirements.

Qualifications Required

6+ years in Security Operations, Incident Response, or Threat Detection roles.

Strong hands-on experience with SIEM platforms, EDR tools, SOAR pipelines, WAF, and cloud logging / monitoring (AWS preferred).

Expertise in network security, Linux / Windows internals, containerized workloads, and cloud-native architectures.

Ability to lead incidents end-to-end, including analysis, forensics, containment, and long-term fixes.

Proficiency with scripting / automation (Python, Bash, PowerShell, etc.).

Familiarity with MITRE ATT&CK, threat hunting methodologies, and modern adversary techniques.

Preferred

Experience in high-growth SaaS, multi-cloud, or distributed environments.

Knowledge of SOC 2, GovRAMP Moderate, TX-RAMP, NIST 800-53, and log / audit requirements.

Experience with purple teaming, attack simulation tools, and detection gap assessments.

Background in DevOps, cloud engineering, or IT systems administration.

Compensation :

Boston, MA : $130,000 - $150,000

On target ranges above include base plus a portion of variable compensation that is earned based on company and individual performance.

The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate's geographical location.

Why OpenGov?

A Mission That Matters.

At OpenGov, public service is personal. We are passionate about our mission to power more effective and accountable government. Government that operates efficiently, adapts to change, and strengthens public trust. Some people say this is boring. We think it's the core of our democracy.

Opportunity to Innovate

The next great wave of innovation is unfolding with AI, and it will impact everything-from the way we work to the way governments interact with their residents. Join a trusted team with the passion, technology, and expertise to drive innovation and bring AI to local government. We've touched 2,000 communities so far, and we're just getting started.

A Team of Passionate, Driven People

This isn't your typical 9-to-5 job; we operate in a fast-paced, results-driven environment where impact matters more than simply clocking in and out. Our global team of 800+ employees is united in our commitment to challenge the status quo. OpenGov is headquartered in San Francisco and has offices in Atlanta, Boston, Buenos Aires, Chicago, Dubuque, Plano, and Pune.

A Place to Make Your Mark

We pride ourselves on our performance-based culture, where every employee is encouraged to jump in head-first and take action to help us improve. If you have a great idea, we want to hear it. Excellent performance is recognized and rewarded, and we love to promote from within.

Compensation Range : $130K - $150K