CBO - Security Engineer (Sentinel / SIEM)
United States of America
Full Time
3 hours ago
No H1B
Key skills
AnalyticsAWSAzureCloud Security
About this role
cFocus Software seeks a Security Engineer (Sentinel / SIEM) to join their program supporting the Congressional Budget Office (CBO). The role involves managing log ingestion and monitoring within Microsoft Sentinel, ensuring the integrity of log data, and supporting incident response and threat hunting activities.
Responsibilities:
- Manage log ingestion, normalization, and monitoring within Microsoft Sentinel
- Ensure integrity, availability, and confidentiality of log data across environments
- Develop and maintain detection rules, correlation logic, and SIEM analytics
- Monitor ingestion pipelines and resolve gaps or failures
- Support incident response, threat hunting, and forensic investigations
- Provide log reporting, dashboards, and audit-ready documentation
- Maintain log retention policies and lifecycle management
- Coordinate with stakeholders to onboard new log sources
- Ensure compliance with NIST standards and federal requirements
Requirements:
- Active Public Trust clearance
- B.S. Computer Science, Information Technology, or a related field
- 6+ years of Security Engineering experience
- Experience with Microsoft Sentinel and SIEM platforms
- Strong knowledge of log management, ingestion, and normalization
- Experience with KQL (Kusto Query Language)
- Familiarity with NIST SP 800-53, 800-92, 800-61
- Experience with cloud log sources (AWS, Azure)
- Understanding of security monitoring and incident response
- Relevant certifications (CISSP, GCIA, GCIH, or Microsoft Security certs)
- GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
- Microsoft Sentinel or Microsoft security platform certifications
- Relevant cloud security certifications (e.g., AWS security)
- Privacy certifications (e.g., CIPP/US, CIPM) where applicable