Security Operations Engineer (Senior) - NIGC

Security Operations Engineer (Senior) - NIGCTechnology Automation & Management (TeAM), Inc.We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.DescriptionPending Contract AwardMission ObjectivesThe National Indian Gaming Commission requires on-demand cybersecurity and IT services to support its mission of promoting tribal economic development, maintaining the integrity of the Indian gaming industry, and ensuring Tribes are the primary beneficiaries of their gaming activities. The Security Operations Engineer (Senior) serves as the lead cybersecurity engineering resource responsible for engineering, configuring, and operating the full spectrum of security tools protecting the NIGC's hybrid IT infrastructure - comprising on-premises Cisco networking, VMware Hypervisor servers, and Microsoft Azure cloud environments. This position works directly with the CISO and Privacy Officer with minimal supervision to safeguard fewer than 150 users across the enterprise.Position ResponsibilitiesApply knowledge and skills of information systems security principles, NIST guidelines, FISMA, CISA, and federal directives to conduct ongoing security assessments of installed systems and networks and recommend corrective actions.Perform systems engineering and maintenance activities according to established standards.Apply knowledge of networking technologies including LAN, MS Azure, and Wireless management in security solutions implementation and troubleshooting.Develop NIGC security operations capabilities by evaluating current strategies and pursuing alignment with best practices.Ensure the effective configuration and daily operations of cybersecurity tools including SIEM integration, Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), Firewalls, M365 Cloud Security, Defender for Cloud, and Continuous Diagnostics & Mitigation (CDM) capabilities.In collaboration with CISO and Privacy Officer, develop plans, techniques, and measurable objectives to improve cybersecurity and privacy measures that meet NIGC goals for protecting sensitive information.Collaborate with other teams on the integration of NIGC applications and IT services to consider security implications and ensure security requirements are met.Maintain threat awareness and monitor NIGC information systems for exploits and suspicious activities; analyze aggregated logs from security tools and perform regular threat hunting activities.Develop Security Orchestration, Automation, and Response (SOAR) capabilities.Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls and execute proactive threat hunting to ensure confidentiality, integrity, and availability of NIGC information systems.Develop detection and response configuration policies to increase automation.Execute Incident Response activities to include all associated actions according to the NIGC incident response plan.Develop incident handling procedures.Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations.Collect security operations performance and NIGC security posture management metrics; prepare NIGC threat reports to inform risk management decisions.Develop and maintain accurate security operations documentation including standard operating procedures for recurring tasks.Position RequirementsExperienceDemonstrated hands‑on experience with SIEM platforms, Syslog, NDR, EDR, Cisco Firewalls, M365 Cloud Security, Microsoft Defender for Cloud, and CDM tools.Demonstrated hands‑on experience with SOAR platform configuration and playbook development.Experience conducting security assessments and applying NIST guidelines, FISMA, and CISA directives in a federal environment.Experience with networking technologies including Cisco LAN/Firewall, Microsoft Azure security, and wireless network security.Education and CredentialsEducation: Bachelor's Degree or Higher in Cybersecurity, Information Technology, Computer Science, or related field (relevant IT certifications may substitute for formal degree per SOO Section 6).Certifications: One of the following required: CASP+, CISA, or CISSP.Years of Experience: Minimum 6 continuous years in cybersecurity / security operations engineering.Optional/Value-Added QualificationsOptional/Value-Added ExperiencePrior experience supporting small federal agencies or independent federal commissions.Experience with Azure Arc hybrid cloud security configurations.VMware Hypervisor security hardening experience.Experience with CDM Program tools and CISA BOD reporting requirements.Experience in Apple iOS mobile device management in a federal context.Optional/Value-Added Additional CredentialsEducation: Master's Degree in Cybersecurity, Information Assurance, or related field.Certifications/Training: CompTIA Security+, CEH, GIAC (GSEC, GCIH, GCIA), Microsoft SC-200 (Security Operations Analyst), Azure Security Engineer Associate.Experience: 8+ years in cybersecurity operations; prior SOC/CIRT leadership experience.Duty LocationNIGC Headquarters, 550 12th Street SW, Washington, DC 20024Work ArrangementPrimarily Onsite; limited remote work may be authorized at the discretion of the Federal Task Manager.Travel RequirementsNoneMinimum Security Clearance RequiredPublic Trust (background investigation, NDA, NIGC Rules of Behavior, PIV Card required).Full-Time/Part-Time Full-TimeThis position is currently accepting applications.#J-18808-Ljbffr

Government Careers

Show more