Senior Cybersecurity Operations Engineer

Senior Cybersecurity Operations Engineer

OCT Consulting is a business management and technology consulting firm that supports Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

OCT currently has an opening for a Senior Cybersecurity Operations Engineer to work with our federal client. The client requires a Senior Cybersecurity Operations Engineer to support the agency’s cybersecurity program at its Washington, DC headquarters. This role involves securing a hybrid IT environment consisting of on-premises Cisco infrastructure, VMware Hypervisor, and Microsoft Azure cloud services for fewer than 150 users.

This position is contingent upon contract award.

Day to day responsibilities include:

• Apply knowledge of information systems security principles, NIST guidelines, FISMA, CISA directives, and federal security requirements to conduct ongoing security assessments of installed systems and networks and recommend corrective actions.
• Ensure effective configuration and daily operations of cybersecurity tools including SIEM integration, Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), firewalls, M365 cloud security, Defender for Cloud, and Continuous Diagnostics and Mitigation (CDM) capabilities.
• Maintain threat awareness and monitor client information systems for exploits and suspicious activities; analyze aggregated logs from security tools and perform regular threat hunting activities.
• Execute incident response activities including all associated actions according to the client's incident response plan; develop incident handling procedures.
• Develop Security Orchestration, Automation, and Response (SOAR) capabilities and detection/response configuration policies to increase automation.
• Adhere to continuous monitoring practices to evaluate effectiveness of implemented security controls and execute proactive threat hunting activities.
• Apply knowledge of networking technologies including LAN, Microsoft Azure, and wireless management in security solutions implementation and troubleshooting.
• Collaborate with the CISO and Privacy Officer to develop plans, techniques, and measurable objectives for improving cybersecurity and privacy measures that protect sensitive information.
• Collect security operations performance metrics and prepare threat reports to inform risk management decisions.
• Develop and maintain accurate security operations documentation including standard operating procedures for recurring tasks.
• Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations.
• Collaborate with other teams on the integration of applications and IT services to ensure security requirements are met.

• Must be a U.S. Citizen.
• Minimum six (6) continuous years of experience in cybersecurity operations engineering in a federal government environment.
• Demonstrated hands‑on experience with SIEM platforms, SOAR tools, NDR, EDR, and firewall management.
• Strong knowledge of NIST Risk Management Framework (RMF), FISMA, CISA Binding Operational Directives, and federal cybersecurity best practices.
• Experience with Microsoft Azure cloud security, M365 Defender for Cloud, and hybrid on‑premises/cloud environments.
• Proficiency with Cisco networking and firewall technologies.
• Experience with continuous monitoring, CDM program tools, and log management (Syslog).
• Strong knowledge of incident response procedures and threat hunting methodologies.
• Experience with Power Shell scripting for security automation.
• CISSP, CISM, CEH, or equivalent cybersecurity certification required.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; relevant IT certifications may be substituted for a formal degree.
• Ability to obtain and maintain a Public Trust clearance; background investigation will involve credit, fingerprint, and law enforcement agency checks.
• Must work primarily onsite in SW,…