Description
Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. Headquartered in Washington, DC, Dragonfli supports clients in securing mission-critical systems across on-site, hybrid, and fully remote environments.
As a Senior-level Security Engineer focused on Insider Risk, you will be responsible for maturing and optimizing an Insider Threat operational support program. This role requires 7+ years of relevant experience in cyber-related fields, with at least 5 years dedicated to configuring and administering security tools. You will leverage a sophisticated technical stack—including DLP, UEBA, SIEM, and the Microsoft Purview/Defender suite—to monitor, detect, and mitigate potential internal threats. You will act as a bridge between technical implementation and executive reporting, developing playbooks and leading investigations into high-stakes security incidents.
This is a multi-year contract position involving a large US federal agency. Candidates with previous federal contracting experience are preferred. U.S. Citizenship or Permanent Residency required. If hired, all work related to this role must be performed within the continental U.S.
Primary Responsibilities:
- Program Maturation: Assist in developing playbooks, workflows, and implementation roadmaps to mature the Insider Threat operational support program.
- Tool Optimization: Administer and optimize the Insider Risk toolset, specifically DLP, UEBA, SIEM, and Microsoft Defender/Entra/Purview.
- Risk Mitigation: Develop and maintain a convergence model to reduce risk to personnel and assets across regional operating divisions.
- Incident Leadership: Lead and assist in the investigation of all incidents involving potential insider threats.
- Stakeholder Coordination: Coordinate with business and technology leaders to develop programmatic solutions and deliver high-level presentations on findings.
- Standards Compliance: Implement federal government and industry standards regarding insider threat programs and maintain programmatic gap analyses.
Requirements
Must-Have Qualifications:
- Experience: 7+ years of relevant experience in a cyber-related field.
- Tool Administration: 5+ years of experience specifically configuring and administering security tools.
- Education: BS/BA in a cyber-related field (Direct experience or professional certifications may substitute for academic credentials).
- Technical Proficiency: Demonstrated experience with Linux Operating Systems and Microsoft 365 environments.
- Compliance Background: Experience thriving within heavily regulated environments (e.g., federal or financial sectors).
- Citizenship: U.S. Citizenship or Permanent Residency is required.
Preferred Qualifications:
- Forensics: Experience in digital forensics and incident response (DFIR).
- Federal Experience: Previous experience supporting large US federal agency contracts.
Skill(s)
- Technical Security Tools: Proficiency with Splunk, SIEM, DLP, EDR, and Microsoft Purview/Defender.
- Analytical Thinking: Strong analytical and problem-solving skills with high attention to detail.
- Communication: Excellent written and verbal communication, including the ability to develop and deliver presentations to senior management.
- Collaboration: Ability to work effectively with cross-functional teams and diverse stakeholders.
- Interpersonal Skills: Industry-leading interpersonal skills for coordinating between business and technology leaders.
- Organizational Skills: Strong organizational capabilities for managing complex programmatic roadmaps.
Benefits
- Insurance - health, dental, and vision
- Paid Time Off (PTO) and 11 Federal Holidays
- 401(k) employer match
