Endpoint Manager / Secops Engineer

Job Title: Endpoint manager / Secops Engineer

Location: Fully onsite in DC

Duration: Contract to hire; must be able to convert to permanent

What You'll Do

As a SecOps Engineer, you will be ensuring security, automation, and cost efficiency. You will leverage expertise in cloud architecture, automation, security, and operations to build resilient, cost-effective, and secure environments.

Job Responsibilities:

• Security Monitoring and Incident Response: Monitor security alerts and respond to incidents using tools like Microsoft Defender, Sentinel, and Tanium.
• Endpoint Security Management: Implement and manage endpoint security solutions, including Intune and other endpoint protection tools.
• Network Security: Configure and maintain network security devices such as firewalls, IDS/IPS, and Zscaler solutions.
• Identity and Access Management: Manage identity and access controls using EntraID and Azure security services.
• Compliance and Risk Management: Ensure compliance with federal regulations, standards, and manage security risks, including knowledge of CMMC 2.0 and NIST 800.171.
• Automation and Scripting: Develop and maintain scripts to automate security tasks and improve operational efficiency.
• Container Security: Manage and secure containerized applications using Azure Container Registry.
• Operating System Management: Administer and secure systems running Red Hat Enterprise Linux, Debian, Ubuntu, Windows, and macOS environments.
• Certificate Management: Oversee the management and deployment of security certificates.
• Version Control and CI/CD: Utilize GitLab for version control and continuous integration/continuous deployment (CI/CD) processes.
• Documentation and Reporting: Create and maintain documentation for security policies, procedures, and incidents.
• Technical Skills: Proficiency with security tools and platforms such as Tanium, Microsoft Defender, Sentinel, Zscaler, EntraID, Azure security, and Intune

You're good at:

• Cloud architecture - designing cost-efficient, secure solutions.
• Network engineering - securing and optimizing connectivity across hybrid cloud environments.
• Cloud security - enforcing IAM, RBAC, and ABAC policies.
• Multi-cloud operations - leveraging multiple CSPs effectively.
• Federal cloud compliance - navigating security standards in civilian and defense sectors.
• Cross-team collaboration - communicating technical concepts across engineering, security, and business units.

What You'll Bring

• Bachelor's degree in Computer Science, Information Security, or a related field is required.
• CISSP (Certified Information Systems Security Professional) is strongly preferred. Other relevant certifications might include CEH, CCNA, or SANS certifications.
• U.S. Citizen and ability to obtain and maintain Secret clearance required. Dual citizens may be subject to additional eligibility requirements
• Proficiency with security tools and platforms such as Tanium, Microsoft Defender, Sentinel, Zscaler, Azure security, Intune, GitLab, Red Hat Enterprise Linux, Debian, Ubuntu, Terraform, Azure Container Registry, and Python.
• Strong cloud security and security operations expertise.
• Deep network engineering knowledge for secure, scalable cloud connectivity.
• Experience with IAM, RBAC, ABAC, and cloud security best practices.
• Multi-cloud expertise across multiple CSPs.
• Background in US Federal government cloud/network/systems engineering.
• Strong communication skills for collaborating across teams.
• Familiarity with federal compliance requirements and directives is essential.

Nice-to-Have:

• DevSecOps experience in agile service/software delivery.
• Hands-on work with CI/CD pipelines (GitHub/GitLab).
• Expertise in US Federal compliance/security frameworks (FedRAMP, DoD STIGs).
• Ability to educate teams on security cloud operations best practices.