Sr. Security Engineer

Role Overview

The Senior Security Engineer will provide onsite technical leadership for SIEM engineering, log integration, and incident support within the Congressional Budget Office vSOC program. This role requires deep expertise in Microsoft Sentinel and Defender ecosystems, with proven ability to onboard complex data sources, optimize detection pipelines, and support real-time incident response. The engineer will bridge SOC operations and engineering functions, ensuring compliance with NIST SP 800-53 and FISMA frameworks.

Key Responsibilities

• Design and implement log ingestion pipelines across cloud, network, and enterprise systems.
• Configure and maintain Microsoft Sentinel connectors and Defender XDR integrations.
• Ensure proper normalization, schema mapping, and data quality validation.
• Collaborate with SOC analysts to tune detection rules and improve alert fidelity.
• Support incident response activities through log analysis, correlation, and escalation coordination.
• Optimize query performance and detection pipelines for faster response times.
• Work onsite with stakeholders to align technical solutions with operational needs.
• Maintain audit-ready operations aligned with NIST SP 800-53 and FISMA.

Required Skills & Qualifications

• 8 10+ years of experience in security engineering, SIEM integration, and incident support.
• Hands-on expertise with Microsoft Sentinel, Defender XDR, Splunk, ELK.
• Strong knowledge of Azure Log Analytics, AWS CloudTrail, VPC Flow Logs.
• Proficiency in KQL (Kusto Query Language), SQL, and log analysis.
• Experience with ServiceNow, Jira, Power BI, GitHub for workflow and reporting.
• Solid understanding of federal compliance frameworks (NIST SP 800-53, FISMA, FedRAMP).

Certifications (Preferred)

• Microsoft Certified: Security Operations Analyst (SC-200)
• Microsoft Certified: Azure Security Engineer (AZ-500)
• CISSP / Security+ / Equivalent