CBO - Senior Security Engineer at cFocus Software Incorporated – Washington, District of Columbia

cFocus Software seeks a Senior Security Engineer to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.
Qualifications:

• Active Public Trust clearance
• B.S. Computer Science, Information Technology, or a related field
• 8+ years of Security Engineering experience
• Strong experience with Microsoft Sentinel (SIEM) operations and engineering
• Experience with Microsoft Defender for Endpoint (MDE) and Defender for Identity (MDI)
• Knowledge of AWS logging (CloudTrail, VPC Flow Logs) and cloud security monitoring
• Experience with log ingestion, normalization, and schema mapping
• Understanding of incident response, threat detection, and SOC operations
• Familiarity with NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles
• Experience with detection engineering and threat hunting methodologies
• Preferred certifications include but are not limited to
  • GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
  • Microsoft Sentinel or Microsoft security platform certifications
  • Relevant cloud security certifications (e.g., AWS security)
  • Privacy certifications (e.g., CIPP/US, CIPM) where applicable

Duties:

• Review Microsoft Sentinel log ingestion, pipeline health, and monitoring coverage
• Validate, develop, and tune detection use cases aligned with MITRE ATT&CK
• Identify telemetry gaps and ensure proper ingestion and normalization of logs
• Coordinate remediation activities with CBO IRM staff
• Support vulnerability prioritization and patch governance validation
• Validate log routing, transformation, and normalization (e.g., Cribl or similar tools)
• Provide technical support during security incidents and escalation events
• Support detection engineering, threat hunting, and SOC automation initiatives
• Ensure alignment with Microsoft Defender (Endpoint, Identity) and AWS log sources