Cyber Operations Engineer

About The Position

Requirements

• Must have an active Public Trust security Clearance
• Must be willing and able to work fully onsite at the location listed in this posting
• 6+ years of experience in cybersecurity operations or security engineering
• Strong experience securing Microsoft Azure environments and the Microsoft 365 Defender suite
• Hands-on experience with SIEM tools such as Splunk or Microsoft Sentinel
• Experience with EDR and NDR platforms for endpoint and network protection
• Knowledge of federal cybersecurity frameworks including NIST, FISMA, and RMF
• Experience with incident response, threat analysis, and vulnerability management
• Strong scripting skills, preferably with PowerShell

Nice To Haves

• CISSP (Certified Information Systems Security Professional)
• GCIA (GIAC Certified Intrusion Analyst)
• GCIH (GIAC Certified Incident Handler) or equivalent

Responsibilities

• Perform continuous monitoring and security operations across on-premise and cloud environments, including Azure and Microsoft 365
• Configure, manage, and optimize cybersecurity tools such as SIEM, SOAR, EDR, and NDR platforms
• Conduct proactive threat hunting and analyze security events to identify vulnerabilities and emerging risks
• Lead incident response efforts, including detection, containment, eradication, and recovery activities
• Develop and implement automation and orchestration solutions to enhance security operations efficiency
• Ensure compliance with federal cybersecurity frameworks and standards such as NIST, FISMA, and CISA directives
• Create and maintain security dashboards, metrics, and reports to support risk-based decision making
• Collaborate with system owners, engineers, and IT teams to integrate security into systems and applications
• Develop and maintain security documentation, procedures, and standard operating guidelines