Cybersecurity Operations Engineer

Job description

Responsibilities & Qualifications RESPONSIBILITIES: The Cybersecurity Operations Engineer will implement and maintain defensive cyber controls aligned with ODNI’s Zero Trust and ICAM policies. Core responsibilities include: - Deploy and configure endpoint security tools (CrowdStrike, Tanium, Defender). - Design and enforce identity and access policies using Okta, LDAP, and certificate authorities. - Monitor and respond to alerts in Splunk, ELK, and other SIEM platforms. - Write detection logic and correlation rules for threat identification and mitigation. - Support audits, POA&M resolution, and incident response activities. REQUIRED QUALIFICATIONS: - Active TS/SCI clearance with CI Polygraph. - Bachelor’s degree in cybersecurity, information security, or IT. - 5+ years of hands-on cyber defense or blue team experience. - Experience with SIEM platforms, endpoint agents, and network security tools. - Familiarity with Zero Trust Architecture, ICAM, and enclave hardening. PREFERRED QUALIFICATIONS: - Certified Splunk Architect, CISSP, or equivalent. - Knowledge of CNSSI 1253, NIST 800-171, and ICD 503 standards. - Prior experience supporting CDM or IC cyber modernization programs. - Fa...