Engineering Team Lead

Requisition No: 870505
Agency:
Management Services

Working Title:

ENGINEERING TEAM LEAD
- Pay Plan: SES
Position Number:
Salary: $ - $
Posting Closing Date: 03/06/2026

Total Compensation Estimator Tool

Engineering Team Lead

Florida Digital Service

State of Florida Department of Management Services

This position is located in Tallahassee, FL

The Engineering Team Lead provides technical leadership and operational oversight for the cybersecurity engineering team responsible for supporting, developing, and sustaining the enterprise security tooling that enables SOC operations. This role ensures the reliability, availability, and effectiveness of security platforms, data pipelines, and telemetry sources used for threat detection, analysis, and incident response. The Engineering Team Lead is accountable for the technical correctness, performance, and operational value of enterprise SIEM detections and supporting telemetry pipelines.

This role requires deep hands‑on expertise in detection engineering, telemetry selection, and data quality management to ensure that SOC operations receive only the data required for effective detection, investigation, and response. The Engineering Team Lead must be capable of directly tuning, validating, and troubleshooting detections and telemetry flows across environments.

The Engineering Team Lead is responsible for supporting SOC tool modernization by developing engineering capability, operational processes, and technical readiness necessary, while sustaining current operational requirements and advancing the organization toward the target‑state architecture.

• Lead a cybersecurity engineering team with varying technical skill sets, balancing legacy platform support with the development of modern security engineering capabilities.
• Ensure timely execution of assigned operational, project, and improvement activities.
• Manage task assignments, workloads, and priorities to ensure effective delivery of engineering support for SOC operations and enterprise initiatives.
• Mentor and develop engineering staff by providing technical guidance, performance feedback, and opportunities to build depth across security platforms and technologies.

• Lead strategy and execution for the enterprise SOC tool stack, including SIEM, data lake, SOAR, detection, and threat intelligence platforms.
• Own the technical lifecycle of SIEM detections, including creation, validation, tuning, versioning, deployment, and retirement, ensuring detections function as intended in production.
• Ensure that security telemetry ingested from the Security Lake into the SIEM is intentionally scoped, operationally necessary, and optimized for detection and investigation use cases.
• Support and maintain existing enterprise security consoles and centrally managed security solutions while planning and executing the transition to modernized, integrated SOC platforms.
• Evaluate telemetry sources for signal value, redundancy, cost, and analytic usefulness, and remove or suppress data that does not materially support SOC operations.
• Ensure high availability, performance, and reliability of security tooling and supporting infrastructure.
• Oversee ingestion and retention of security telemetry to ensure data completeness, accuracy, and usability.
• Validate telemetry fidelity and data quality to support effective detection, analytics, and threat-hunting activities.

• Advanced knowledge of SIEM detection engineering concepts, including correlation logic, thresholds, suppression, enrichment, and performance impacts.
• Strong understanding of security telemetry sources across endpoint, identity, network, cloud, and application domains and their relevance to detection use cases.
• Knowledge of structured detection rule frameworks, including Sigma, and how abstract detection logic maps to platform-specific implementations.
• Understanding of how data volume, latency, and quality affect SOC detection accuracy and investigative effectiveness.

• Direct day‑to‑day engineering operations supporting SOC…