CBO - Senior Security Engineer
cFocus Software seeks a Senior Security Engineer to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.
Qualifications:
- Active Public Trust clearance
- B.S. Computer Science, Information Technology, or a related field
- 8+ years of Security Engineering experience
- Strong experience with Microsoft Sentinel (SIEM) operations and engineering
- Experience with Microsoft Defender for Endpoint (MDE) and Defender for Identity (MDI)
- Knowledge of AWS logging (CloudTrail, VPC Flow Logs) and cloud security monitoring
- Experience with log ingestion, normalization, and schema mapping
- Understanding of incident response, threat detection, and SOC operations
- Familiarity with NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles
- Experience with detection engineering and threat hunting methodologies
- Preferred certifications include but are not limited to
- GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
- Microsoft Sentinel or Microsoft security platform certifications
- Relevant cloud security certifications (e.g., AWS security)
- Privacy certifications (e.g., CIPP/US, CIPM) where applicable
- Review Microsoft Sentinel log ingestion, pipeline health, and monitoring coverage
- Validate, develop, and tune detection use cases aligned with MITRE ATT&CK
- Identify telemetry gaps and ensure proper ingestion and normalization of logs
- Coordinate remediation activities with CBO IRM staff
- Support vulnerability prioritization and patch governance validation
- Validate log routing, transformation, and normalization (e.g., Cribl or similar tools)
- Provide technical support during security incidents and escalation events
- Support detection engineering, threat hunting, and SOC automation initiatives
- Ensure alignment with Microsoft Defender (Endpoint, Identity) and AWS log sources