Senior Cybersecurity Operations Engineer - Onsite in Washington, DC (20024)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
• 5+ years of experience in cybersecurity operations, security engineering, SOC operations, or incident response
• Government experience required
• Strong knowledge of NIST, FISMA, CISA directives, and federal cybersecurity standards
• Hands-on experience with: Microsoft Azure, Entra ID, and Microsoft 365 security environments
• Hands-on experience with: Cisco networking and firewall technologies
• Hands-on experience with: SIEM, Syslog, EDR, NDR, and security monitoring platforms
• Hands-on experience with: Microsoft Defender for Cloud and CDM tools
• Hands-on experience with: PowerShell scripting and automation
• Hands-on experience with: Linux operating system administration
• Strong experience with incident response, threat detection, threat hunting, and security investigations
• Experience supporting continuous monitoring and security operations reporting
• Experience developing SOPs, incident handling procedures, and security documentation
• Strong analytical, troubleshooting, and technical documentation skills
• Ability to work independently in a structured federal environment

Nice To Haves

• Experience supporting SOAR platforms and security automation initiatives
• Experience with cloud security architecture in hybrid environments
• Familiarity with disaster recovery and business continuity planning
• Experience supporting executive-level security reporting and metrics
• Familiarity with advanced identity management and MFA governance models
• Relevant cybersecurity certifications (Security+, CISSP, Azure Security, or equivalent)

Responsibilities

• Perform ongoing security assessments of systems, networks, and cloud environments in alignment with NIST, FISMA, CISA, and other federal cybersecurity standards and directives
• Identify security risks and recommend corrective actions to improve overall security posture and compliance
• Perform systems engineering, maintenance, and security hardening activities following established operational standards
• Implement, support, and troubleshoot security solutions across LAN, wireless, firewall, and Microsoft Azure environments
• Administer and optimize cybersecurity tools including SIEM, Syslog, EDR, NDR, firewalls, Microsoft 365 security, Defender for Cloud, and Continuous Diagnostics and Mitigation (CDM) platforms
• Monitor security events, system alerts, vulnerabilities, and suspicious activity through log analysis and proactive threat hunting
• Support the development and enhancement of Security Orchestration, Automation, and Response (SOAR) capabilities
• Execute incident response activities including investigation, containment, remediation support, documentation, and reporting in accordance with established response plans
• Develop and maintain incident handling procedures, standard operating procedures, and security operations documentation
• Ensure logging, monitoring, and data retention practices support effective investigations and operational visibility
• Generate security posture reports, operational metrics, and threat reporting to support leadership decision-making and risk management
• Collaborate with cybersecurity leadership, including CISO and Privacy Officer, to strengthen cybersecurity and privacy controls
• Partner with infrastructure and application teams to ensure security requirements are integrated into enterprise systems and services