Senior Cybersecurity Operations Engineer (15.40)

Senior Cybersecurity Operations Engineer OCT Consulting is a business management and technology consulting firm that supports Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. Responsibilities and Duties OCT currently has an opening for a Senior Cybersecurity Operations Engineer to work with our federal client. The client requires a Senior Cybersecurity Operations Engineer to support the agency's cybersecurity program at its Washington, DC headquarters. This role involves securing a hybrid IT environment consisting of on-premises Cisco infrastructure, VMware Hypervisor, and Microsoft Azure cloud services for fewer than 150 users. This position is contingent upon contract award. Day to day responsibilities include: Apply knowledge of information systems security principles, NIST guidelines, FISMA, CISA directives, and federal security requirements to conduct ongoing security assessments of installed systems and networks and recommend corrective actions. Ensure effective configuration and daily operations of cybersecurity tools including SIEM integration, Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), firewalls, M365 cloud security, Defender for Cloud, and Continuous Diagnostics and Mitigation (CDM) capabilities. Maintain threat awareness and monitor client information systems for exploits and suspicious activities; analyze aggregated logs from security tools and perform regular threat hunting activities. Execute incident response activities including all associated actions according to the client's incident response plan; develop incident handling procedures. Develop Security Orchestration, Automation, and Response (SOAR) capabilities and detection/response configuration policies to increase automation. Adhere to continuous monitoring practices to evaluate effectiveness of implemented security controls and execute proactive threat hunting activities. Apply knowledge of networking technologies including LAN, Microsoft Azure, and wireless management in security solutions implementation and troubleshooting. Collaborate with the CISO and Privacy Officer to develop plans, techniques, and measurable objectives for improving cybersecurity and privacy measures that protect sensitive information. Collect security operations performance metrics and prepare threat reports to inform risk management decisions. Develop and maintain accurate security operations documentation including standard operating procedures for recurring tasks. Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations. Collaborate with other teams on the integration of applications and IT services to ensure security requirements are met.