Security Engineer (Sentinel / SIEM)

About

cFocus Software seeks a Security Engineer (Sentinel / SIEM) to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.

Qualifications

• Active Public Trust clearance
• B.S. Computer Science, Information Technology, or a related field
• 6+ years of Security Engineering experience
• Experience with Microsoft Sentinel and SIEM platforms
• Strong knowledge of log management, ingestion, and normalization
• Experience with KQL (Kusto Query Language)
• Familiarity with NIST SP 800-53, 800-92, 800-61
• Experience with cloud log sources (AWS, Azure)
• Understanding of security monitoring and incident response
• Relevant certifications (CISSP, GCIA, GCIH, or Microsoft Security certs)
• Preferred certifications include but are not limited to
• GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
• Microsoft Sentinel or Microsoft security platform certifications
• Relevant cloud security certifications (e.g., AWS security)
• Privacy certifications (e.g., CIPP/US, CIPM) where applicable

Duties

• Manage log ingestion, normalization, and monitoring within Microsoft Sentinel
• Ensure integrity, availability, and confidentiality of log data across environments
• Develop and maintain detection rules, correlation logic, and SIEM analytics
• Monitor ingestion pipelines and resolve gaps or failures
• Support incident response, threat hunting, and forensic investigations
• Provide log reporting, dashboards, and audit-ready documentation
• Maintain log retention policies and lifecycle management
• Coordinate with stakeholders to onboard new log sources
• Ensure compliance with NIST standards and federal requirements