Sr. Security Operations Engineer
Job Description
StorSoft Technology Corp is seeking a highly experienced Security Operations Engineer to support an independent federal agency. This is a mission-critical, senior-level role requiring deep federal cybersecurity operations experience and the ability to work with minimal supervision in a small agency environment.
The Security Operations Engineer will serve as the primary cybersecurity engineering resource for NIGC's hybrid IT infrastructure, which consists of on-premises Cisco networking equipment integrated with Microsoft Azure via Azure Arc, VMware Hypervisor-based server virtualization, Microsoft Active Directory federated with Azure Entra ID, and a suite of CDM-integrated security tools. You will own the engineering, operations, and continuous improvement of NIGC's cybersecurity posture.
Key Responsibilities
• Apply NIST guidelines, FISMA requirements, CISA directives, and executive orders to conduct ongoing security assessments of installed systems and networks and recommend corrective actions
• Perform systems engineering and maintenance activities for all cybersecurity tooling in accordance with established standards
• Configure, operate, and optimize NIGC's security tool suite: SIEM (Microsoft Sentinel), Syslog, NDR, EDR (Microsoft Defender for Endpoint), Cisco Firewall, M365 Defender for Cloud, and CDM capabilities
• Develop and mature NIGC's Security Orchestration, Automation, and Response (SOAR) capabilities to increase detection and response automation
• Execute continuous monitoring activities per NIST SP 800-137 and produce FISMA-required metrics and reporting
• Perform proactive threat hunting using aggregated logs, SIEM correlation rules, and threat intelligence to detect threats before impact
• Execute full-lifecycle incident response activities in accordance with the NIGC Incident Response Plan — detection, containment, eradication, recovery, and post-incident review
• Collaborate with the CISO and Privacy Officer to develop cybersecurity and privacy measures protecting NIGC's sensitive information
• Collect and report security operations performance metrics and prepare threat reports to inform NIGC risk management decisions
• Develop and maintain accurate security operations documentation, standard operating procedures, and runbooks for all recurring tasks
Environment & Technology Stack
• Cisco Networking: Firewall, routers, switches, Cisco Secure Firewall
• Microsoft Azure: Azure Arc, Entra ID, Defender for Cloud, Defender for Endpoint, Azure Policy
• Microsoft M365: Exchange Online, SharePoint, Teams, Purview Compliance
• Virtualization: VMware vSphere/ESXi Hypervisor on-premises server environment
• OS: Microsoft Windows Server, Linux (multiple distributions)
• Security Tools: SIEM, SOAR, NDR, EDR, CDM program tools, Syslog
• Scripting: PowerShell, bash
REQUIRED SKILLS & QUALIFICATIONS
• Experience: Minimum 10 years of continuous experience in federal cybersecurity operations — senior level per government requirements (6+ years minimum)
• Certifications: CISSP (Certified Information Systems Security Professional) — Required; CASP+, Azure Security Engineer Associate (AZ-500), or equivalent certifications strongly preferred
• SIEM/SOAR: Demonstrated hands-on proficiency with SIEM platforms (Microsoft Sentinel and/or Splunk): rule creation, dashboard development, alert tuning, and log source integration
• NDR/EDR: Hands-on NDR and EDR administration and policy management in a federal environment
• Cisco: Cisco network security: firewall policy management, ACL configuration, IDS/IPS integration, and log analysis
• Azure/M365: Microsoft Azure hybrid environment administration: Azure Arc, Entra ID conditional access, Defender for Cloud, MFA policy enforcement
• Compliance Frameworks: NIST SP 800-53 Rev. 5 control implementation and assessment; FISMA continuous monitoring (NIST SP 800-137); CISA BOD compliance
• Incident Response: Full lifecycle IR execution in a federal environment; NIST SP 800-61 methodology
• CDM: CDM program tool familiarity and agency dashboard reporting
• Scripting: PowerShell and/or bash scripting for security automation and reporting
• Eligibility: Must be a U.S. Citizen; must be able to pass and maintain a Public Trust background investigation; must be willing to work onsite in Washington, DC
Company Description
We are a leading HR company committed to creating a positive and productive work environment. Our team of experienced professionals strives to provide our employees with the best support, tools, and resources to make their work meaningful and rewarding. We offer competitive compensation and benefits, flexible scheduling, and a positive and encouraging culture. With us, you'll have the opportunity to make an impact and be part of a team of people devoted to helping you succeed.