Key Facts

Remote From:

Full time

English

Hard Skills

Log Monitoring Incident Management Enterprise Network Security Application Monitoring Microsoft Azure System Monitoring Data Integration Scripting Configuration Management AWS Cloud Services +14 more

Other Skills

•
Communication
•
Teamwork
•
Analytical Thinking
•
Problem Solving

Roles & Responsibilities

Bachelor's degree in cybersecurity, IT, or a related field (or equivalent experience)
Demonstrated experience in enterprise cybersecurity, SIEM engineering, or monitoring environments
Experience with enterprise SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar) and strong log management, event correlation, and telemetry pipelines
Knowledge of cybersecurity frameworks (NIST, RMF, FISMA) and cloud/hybrid environments (Azure, AWS, M365)

Requirements:

Administer, configure, and optimize SIEM platforms and monitoring tools, including onboarding new data sources with proper normalization.
Develop and tune detection rules, alerts, and correlation logic to reduce false positives; support telemetry pipelines and log management.
Collaborate with SOC/NOC teams on detection, incident response, threat hunting, and root cause analysis.
Create and maintain technical documentation, procedures, and engineering baselines; monitor security control effectiveness.

Job description

cFocus Software seeks a Security Engineer / SIEM Engineer to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelor’s degree in cybersecurity, IT, or related field (or equivalent experience)
Demonstrated experience in enterprise cybersecurity, SIEM engineering, or monitoring environments
Experience supporting systems of similar scale, complexity, or criticality
Ability to support engineering, monitoring, and operational cybersecurity functions
Experience with enterprise SIEM platforms (e.g., Splunk, Sentinel, QRadar)
Strong understanding of log management, event correlation, and telemetry pipelines
Knowledge of cybersecurity frameworks (NIST, RMF, FISMA)
Experience with cloud and hybrid environments (Azure, AWS, M365)
Familiarity with EDR, XDR, and network security tools
Ability to analyze large datasets and identify security trends
Experience supporting SOC operations and incident response
Experience with automation and SOAR platforms
Knowledge of Zero Trust Architecture and modern security frameworks
Scripting experience (Python, PowerShell)
Familiarity with threat intelligence and threat hunting techniques
Required Certifications
- CompTIA Security+
- Certified Information Systems Security Professional (CISSP) (preferred)
- GIAC certifications (e.g., GCIA, GCIH)
- Splunk, Microsoft Sentinel, or other SIEM platform certifications
- Equivalent certifications demonstrating similar competency may be accepted

Duties:

Administer, configure, and optimize SIEM platforms and monitoring tools
Integrate and onboard new data sources, ensuring proper normalization and validation
Develop and tune detection rules, alerts, and correlation logic to reduce false positives
Support log management, telemetry pipelines, and enterprise monitoring architecture
Identify gaps in visibility and recommend enhancements to monitoring coverage
Collaborate with SOC/NOC teams to improve detection and response capabilities
Perform detection engineering and continuous improvement of monitoring outputs
Support configuration management and monitoring of security control effectiveness
Develop and maintain technical documentation, procedures, and engineering baselines
Participate in incident investigations, threat hunting, and root cause analysis.