Security Operations Jobs in Texas (NOW HIRING)

The Director, Security Operations role is highly technical and leads the operational response to security events and incidents as well as provides a point of escalation. You will be deeply involved ...

This role sits within Security Operations and focuses on delivering managed and co-managed security monitoring, detection engineering, incident response, and continuous improvement using Microsoft ...

The role is especially critical during construction-to-operations transitions, where temporary systems, evolving security postures, commissioning activities, and frequent operational handoffs create ...

Security Operations information

$32.6K

$73.2K

$130.9K

How much do security operations jobs pay per year?

As of Jul 4, 2026, the average yearly pay for security operations in Texas is $73,209.00, according to ZipRecruiter salary data. Most workers in this role earn between $48,400.00 and $93,600.00 per year, depending on experience, location, and employer.

What is the difference between Security Operations vs Security Analyst?

| Aspect | Security Operations | Security Analyst |
| --- | --- | --- |
| Certifications | CompTIA Security+, CISSP, CEH | CompTIA Security+, CISSP, CEH |
| Work Environment | Security operations centers (SOCs), 24/7 monitoring | Office or remote, analyzing security data |
| Employer & Industry Usage | Organizations with dedicated security teams, cybersecurity firms | Businesses, government agencies, cybersecurity firms |

Security Operations and Security Analysts both require similar certifications and often work within cybersecurity teams. Security Operations focus on continuous monitoring, incident response, and managing security tools, while Security Analysts analyze security data, investigate threats, and recommend improvements. Both roles are essential for maintaining organizational security but differ in scope and daily responsibilities.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role can be entry level, especially for those with foundational knowledge of cybersecurity, networking, and security tools. Many organizations offer entry-level positions that provide on-the-job training, but some roles may require prior experience or certifications such as CompTIA Security+ or Cisco CCNA. Advancement often involves gaining experience and additional certifications in cybersecurity.

What are the key skills and qualifications needed to thrive in Security Operations, and why are they important?

To excel in Security Operations, a strong understanding of cybersecurity principles, threat analysis, and incident response is essential, often supported by a degree in information security or a related field. Familiarity with security information and event management (SIEM) systems, intrusion detection tools, and certifications like CISSP or CompTIA Security+ is highly beneficial. Attention to detail, problem-solving abilities, and effective communication are crucial soft skills for quickly identifying and addressing security threats. These competencies protect organizational assets, ensure compliance, and enable rapid, coordinated responses to security incidents.

What are Security Operations?

Security Operations refers to the processes, teams, and technologies focused on protecting an organization's information systems from cyber threats. Security Operations Centers (SOCs) monitor and analyze security events, respond to incidents, and ensure compliance with security policies. Teams may use tools like intrusion detection systems, SIEM (Security Information and Event Management), and endpoint protection. The goal is to detect, investigate, and respond to cybersecurity incidents quickly to minimize risk and damage. Security Operations professionals work around the clock to keep an organization's digital assets safe.

How does a Security Operations professional typically collaborate with other IT and business teams?

Security Operations professionals regularly work alongside IT, network, and application teams to resolve security incidents, implement best practices, and maintain compliance. They often participate in cross-functional meetings to assess risks, share threat intelligence, and develop response strategies. Building strong communication and trust with other departments is crucial, as it helps ensure timely detection and remediation of threats while aligning security measures with business objectives.

What jobs in the US pay 300,000 a year?

In security operations, high-level roles such as Chief Security Officer (CSO) or Security Director can reach or exceed $300,000 annually, especially with extensive experience, certifications, and leadership responsibilities. These positions often require strategic oversight, risk management skills, and a strong understanding of cybersecurity or physical security environments.

What is the role of security operations?

Security operations involve monitoring, detecting, and responding to security threats to protect an organization’s information systems. Security operations teams use tools like Security Information and Event Management (SIEM) systems and follow established protocols to ensure the confidentiality, integrity, and availability of data. The role often requires 24/7 vigilance and relevant certifications such as CISSP or Security+.

What is the highest paying security job?

The highest paying security jobs are often executive-level roles such as Chief Security Officer (CSO) or Security Director, which can earn six-figure salaries. These positions typically require extensive experience, leadership skills, and knowledge of security management, risk assessment, and compliance.
Security Operations Engineer

Allied Consultants, Inc.

San Antonio, TX • On-site

Contractor

Medical, Life, Retirement

Posted 9 days ago


Job description

Texas GovLink, Inc. is an Austin-based firm which has been a leading provider of technical and business professionals to clients in Texas. We are currently seeking an experienced Security Operations Engineer to be a key resource on a technical services team.

Texas GovLink offers its family of consultants excellent rates, a local support staff, and an attractive benefits package which includes medical insurance (TGL shares a percentage of the cost), life insurance, a matching 401(k) plan and a cafeteria plan.
Candidates selected for interview will be required to undergo criminal background checks and may be required to complete a drug screen in accordance with Federal and State Law. Offers of Employment are contingent on a successful background check.
Texas GovLink is an equal opportunities employer.


  • Engineer, maintain, and tune SIEM platforms (Google SecOps, Gravwell), including correlation rules, dashboards, enrichment logic, and detection content.
  • Configure, tune, and optimize IDS/IPS technologies (Corelight, TippingPoint, Cisco Firepower), including signature development and false-positive reduction.
  • Perform packet capture (pcap) analysis to validate alerts, identify malicious traffic, and support investigations using NetWitness or Corelight.
  • Conduct network traffic analysis to detect anomalies, lateral movement, and command-and-control activity.
  • Strong understanding of network security architecture, including distributed sensors (Corelight), packet capture systems (NetWitness), and log pipelines (CRIBL, Gravwell, Google SecOps).
  • Operationalize threat intelligence feeds within SOC platforms and customers, converting indicators into detection logic, correlation rules, and automated enrichment workflows.
  • Continuously tune detection content based on intelligence-driven insights, improving alert fidelity and reducing false positives across statewide monitoring.
  • Develop and maintain orchestration playbooks within Cyware, integrating SIEM, EDR, threat intelligence, and ticketing systems to support statewide monitoring expansion and rapid incident handling.
  • Support SOC operations by providing detection engineering, log onboarding, and data normalization.
  • Develop and maintain network security monitoring infrastructure, including sensors, collectors, and log pipelines.
  • Collaborate with Incident Responders to provide network-level evidence, context, and threat validation.
  • Produce engineering reports, tuning documentation, and platform health assessments.
  • Implement detection logic aligned with MITRE ATT&CK, threat intelligence, and emerging adversary behaviors.
  • Produce engineering documentation, tuning reports, platform health assessments, and detection coverage maps using data from Firepower, TippingPoint, Corelight, NetWitness, Microsoft Sentinel, and Google SecOps.

Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

| Years | Required/Preferred | Experience |
| --- | --- | --- |
| 5 | Required | SOC operations experience |
| 5 | Required | Hands-on experience with IDS/IPS platforms, specifically Cisco Firepower and TippingPoint, including signature tuning, false-positive reduction, and threat-driven detection improvements. |
| 5 | Required | Advanced packet capture (pcap) and network analysis skills using Corelight, NetWitness, and CRIBL pipelines to identify anomalies, malicious traffic, and lateral movement. |
| 5 | Required | Experience maintaining and tuning EDR platforms, including CrowdStrike Falcon and SentinelOne, and integrating EDR telemetry into SIEM and orchestration workflows. |
| 5 | Required | Threat intelligence application expertise |
| 5 | Required | Develop detection logic aligned with adversary TTPs |
| 6 | Preferred | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic. |
| 5 | Preferred | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic. |
| 5 | Preferred | Perform packet-level analysis to validate alerts and identify malicious activity |
| 5 | Preferred | Serves as an escalation SOC analyst to support other SOC analysts and incident responders with enriched network-level intelligence |
| 5 | Preferred | Proficiency with Google SecOps and Cyware (SOAR) orchestration, including building automated workflows that integrate SIEM, IDS/IPS, EDR (CrowdStrike, SentinelOne), threat intelligence, and Jira ticketing for SOC automation |
| 4 | Preferred | Security Certifications Preferred (CISSP, CEH, GISF, GSEC, CySA+, Sec+) |