
Senior Cybersecurity Operations Engineer - Onsite in Washington, DC (20024)
Booker DiMaio, LLC, Washington, District of Columbia, United States
This job is onsite in Washington, DC (20024)
Selected candidate must be able to get a Public Trust clearance.
We are seeking a Senior Cybersecurity Operations Engineer to support a federal client in maintaining and strengthening enterprise cybersecurity operations across a hybrid on-premises and cloud environment. This role is responsible for security engineering, continuous monitoring, threat detection, incident response, and the ongoing enhancement of cybersecurity operations within a highly regulated federal environment.
The ideal candidate will have strong experience supporting Microsoft-based infrastructure, cloud security, network security, and enterprise security operations tools. This position requires the ability to operate independently with minimal supervision while collaborating closely with cybersecurity leadership and cross-functional IT teams.
Key Responsibilities
Perform ongoing security assessments of systems, networks, and cloud environments in alignment with NIST, FISMA, CISA, and other federal cybersecurity standards and directives
Identify security risks and recommend corrective actions to improve overall security posture and compliance
Perform systems engineering, maintenance, and security hardening activities following established operational standards
Implement, support, and troubleshoot security solutions across LAN, wireless, firewall, and Microsoft Azure environments
Administer and optimize cybersecurity tools including SIEM, Syslog, EDR, NDR, firewalls, Microsoft 365 security, Defender for Cloud, and Continuous Diagnostics and Mitigation (CDM) platforms
Monitor security events, system alerts, vulnerabilities, and suspicious activity through log analysis and proactive threat hunting
Support the development and enhancement of Security Orchestration, Automation, and Response (SOAR) capabilities
Execute incident response activities including investigation, containment, remediation support, documentation, and reporting in accordance with established response plans
Develop and maintain incident handling procedures, standard operating procedures, and security operations documentation
Ensure logging, monitoring, and data retention practices support effective investigations and operational visibility
Generate security posture reports, operational metrics, and threat reporting to support leadership decision-making and risk management
Collaborate with cybersecurity leadership, including CISO and Privacy Officer, to strengthen cybersecurity and privacy controls
Partner with infrastructure and application teams to ensure security requirements are integrated into enterprise systems and services
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
5+ years of experience in cybersecurity operations, security engineering, SOC operations, or incident response
Government experience required
Strong knowledge of NIST, FISMA, CISA directives, and federal cybersecurity standards
Hands-on experience with:
Microsoft Azure, Entra ID, and Microsoft 365 security environments
Cisco networking and firewall technologies
SIEM, Syslog, EDR, NDR, and security monitoring platforms
Microsoft Defender for Cloud and CDM tools
PowerShell scripting and automation
Linux operating system administration
Strong experience with incident response, threat detection, threat hunting, and security investigations
Experience supporting continuous monitoring and security operations reporting
Experience developing SOPs, incident handling procedures, and security documentation
Strong analytical, troubleshooting, and technical documentation skills
Ability to work independently in a structured federal environment
Desired Qualifications
Experience supporting SOAR platforms and security automation initiatives
Experience with cloud security architecture in hybrid environments
Familiarity with disaster recovery and business continuity planning
Experience supporting executive-level security reporting and metrics
Familiarity with advanced identity management and MFA governance models
Relevant cybersecurity certifications (Security+, CISSP, Azure Security, or equivalent)