Senior Cybersecurity Operations Engineer Onsite in Washington, DC (20024)

We are seeking a Senior Cybersecurity Operations Engineer to support a federal client in maintaining and strengthening enterprise cybersecurity operations across a hybrid on-premises and cloud environment. This role is responsible for security engineering continuous monitoring threat detection incident response and the ongoing enhancement of cybersecurity operations within a highly regulated federal environment.

The ideal candidate will have strong experience supporting Microsoft-based infrastructure cloud security network security and enterprise security operations tools. This position requires the ability to operate independently with minimal supervision while collaborating closely with cybersecurity leadership and cross-functional IT teams.

Key Responsibilities

• Perform ongoing security assessments of systems networks and cloud environments in alignment with NIST FISMA CISA and other federal cybersecurity standards and directives
• Identify security risks and recommend corrective actions to improve overall security posture and compliance
• Perform systems engineering maintenance and security hardening activities following established operational standards
• Implement support and troubleshoot security solutions across LAN wireless firewall and Microsoft Azure environments
• Administer and optimize cybersecurity tools including SIEM Syslog EDR NDR firewalls Microsoft 365 security Defender for Cloud and Continuous Diagnostics and Mitigation (CDM) platforms
• Monitor security events system alerts vulnerabilities and suspicious activity through log analysis and proactive threat hunting
• Support the development and enhancement of Security Orchestration Automation and Response (SOAR) capabilities
• Execute incident response activities including investigation containment remediation support documentation and reporting in accordance with established response plans
• Develop and maintain incident handling procedures standard operating procedures and security operations documentation
• Ensure logging monitoring and data retention practices support effective investigations and operational visibility
• Generate security posture reports operational metrics and threat reporting to support leadership decision-making and risk management
• Collaborate with cybersecurity leadership including CISO and Privacy Officer to strengthen cybersecurity and privacy controls
• Partner with infrastructure and application teams to ensure security requirements are integrated into enterprise systems and services

Required Qualifications

• Bachelors degree in Cybersecurity Information Technology Computer Science or related field preferred; equivalent experience accepted
• 5 years of experience in cybersecurity operations security engineering SOC operations or incident response
• Government experience required
• Strong knowledge of NIST FISMA CISA directives and federal cybersecurity standards
• Hands-on experience with:
  • Microsoft Azure Entra ID and Microsoft 365 security environments
  • Cisco networking and firewall technologies
  • SIEM Syslog EDR NDR and security monitoring platforms
  • Microsoft Defender for Cloud and CDM tools
  • PowerShell scripting and automation
  • Linux operating system administration
• Strong experience with incident response threat detection threat hunting and security investigations
• Experience supporting continuous monitoring and security operations reporting
• Experience developing SOPs incident handling procedures and security documentation
• Strong analytical troubleshooting and technical documentation skills
• Ability to work independently in a structured federal environment

Desired Qualifications

• Experience supporting SOAR platforms and security automation initiatives
• Experience with cloud security architecture in hybrid environments
• Familiarity with disaster recovery and business continuity planning
• Experience supporting executive-level security reporting and metrics
• Familiarity with advanced identity management and MFA governance models
• Relevant cybersecurity certifications (Security CISSP Azure Security or equivalent)