Senior Security Operations Engineer
Position: Senior Security Operations Engineer
Level: Senior
Location: Washington, DC (Onsite with limited remote)
Overview
Provides advanced cybersecurity engineering and operations support within a hybrid IT environment. Leads implementation, monitoring, and continuous improvement of security operations aligned with federal standards (NIST, FISMA, CISA).
Key Responsibilities
* Conduct ongoing security assessments of systems and networks and recommend corrective actions
* Design, implement, and maintain security operations capabilities and tools (SIEM, SOAR, EDR, NDR, CDM)
* Lead threat monitoring, log analysis, and proactive threat hunting activities
* Develop and implement incident response procedures and execute incident handling activities
* Configure and manage Microsoft 365 security, Defender for Cloud, and Azure security controls
* Develop detection rules, automation workflows, and response playbooks
* Collaborate with CISO and stakeholders to enhance cybersecurity posture and privacy controls
* Evaluate effectiveness of security controls through continuous monitoring practices
* Produce security metrics, risk reports, and threat intelligence briefings
* Develop and maintain SOPs and security documentation
Required Qualifications
* Minimum 6 years of cybersecurity operations experience
* Strong knowledge of NIST, FISMA, and federal cybersecurity frameworks
* Hands-on experience with SIEM, SOAR, EDR/NDR, and cloud security tools
* Experience with Azure security, Microsoft 365, and identity security
* Strong scripting/automation skills (PowerShell preferred)
Preferred Certifications
CISSP, CEH, GCIA, GCIH, Azure Security Engineer
_______________
Senior Security Operations Analyst
Position: Security Operations Analyst 3
Level: Senior
Overview
Supports daily cybersecurity monitoring, analysis, and incident response activities. Focuses on threat detection, log analysis, and continuous improvement of security operations processes.
Key Responsibilities
* Monitor systems and analyze logs for suspicious activity and security events
* Execute daily security analysis and reporting processes
* Perform incident detection, response, and investigation activities
* Develop and refine detection rules, alerts, and response procedures
* Conduct threat hunting and vulnerability analysis
* Evaluate effectiveness of security operations and recommend improvements
* Maintain incident handling documentation and response playbooks
* Ensure proper data capture and retention for investigations
* Generate reports on security posture and operational metrics
Required Qualifications
* Minimum 6 years of cybersecurity or SOC experience
* Experience with SIEM tools, log analysis, and incident response
* Familiarity with NIST-based continuous monitoring practices
* Strong analytical and troubleshooting skills
Preferred Certifications
Security+, CySA+, GCIH, CEH