Logo-of-Cfocus-Softwareorporated-hiring-for-jobs-in-US-on-GrabJobs

HHS - SIEM Engineer

icon briefcase Job Type : Full Time
icon remote-alt Remote / Work from Home

Job Description - HHS - SIEM Engineer


cFocus Software seeks a SIEM Engineer to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related discipline.
  • Minimum 6–9 years of experience administering enterprise SIEM and logging platforms.
  • Hands‑on experience with Splunk Enterprise and Splunk Enterprise Security.
  • Strong understanding of log management, detection engineering, and SOC operations.
  • Experience integrating cloud, endpoint, network, and application logs.
  • Knowledge of NIST SP 800‑92, NIST SP 800‑137, NIST SP 800‑53, and federal logging requirements.
  • Experience supporting audits, investigations, and compliance reporting.
  • Strong written and verbal communication skills.
  • Splunk Enterprise Certified Architect, Splunk Enterprise Certified Administrator, GCED, GCIA, or CISSP
Duties:
  • Administer and maintain a complex hybrid SIEM and logging infrastructure across on‑premises, IaaS, PaaS, SaaS, and multi‑cloud environments.
  • Ensure SIEM operations comply with OMB M‑21‑31 logging requirements including log categories, retention, and accessibility.
  • Perform data onboarding for new log sources including servers, applications, databases, network devices, cloud services, and security tools.
  • Integrate SOC tools with the SIEM to enable automation, enrichment, and workflow orchestration.
  • Develop, maintain, and optimize SIEM correlation searches, detection use cases, and alerting rules.
  • Build and maintain dashboards, reports, and ad‑hoc searches for SOC analysts, ISSOs, auditors, and leadership.
  • Monitor data accuracy, parsing integrity, timestamp normalization, and log completeness.
  • Optimize SIEM performance including ingestion rates, indexing efficiency, storage utilization, and search response times.
  • Implement SIEM changes following HRSA change management procedures with documented implementation and rollback plans.
  • Develop and maintain SIEM applications, add‑ons, and custom content as required.
  • Integrate threat intelligence feeds to enrich alerts and support advanced detection.
  • Support incident response workflows by ensuring SIEM integration with ticketing and SOAR platforms.
  • Support audit and assessment requests by providing SIEM evidence, logs, and compliance dashboards.
  • Document SIEM architectures, workflows, SOPs, onboarding procedures, and operational processes.
  • Update, patch, and maintain SIEM components in accordance with HHS and HRSA standards.
  • Collaborate closely with the Federal Logging and SIEM SME and SOC leadership.
  • Maintain an SLA of responding to SIEM support requests within two (2) business days.
Original job HHS - SIEM Engineer posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

About the Company

Cfocus Softwareorporated

Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.

Read more about the company

Similar SIEM Engineer Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.