Information Security Engineer

The Congressional Budget Office is a small nonpartisan agency that provides independent, objective economic and budget analysis to the Congress. The agency seeks a skilled and experienced information security engineer to manage an effective program to protect its information systems.

The information security engineer develops and applies the tools and approach necessary to protect CBO s network and computer systems. This position involves a composite of engineering expertise with hands-on incident response and security analysis. The successful candidate will design, configure, and optimize security tools to enhance detection and response capabilities.

This role requires an in-depth understanding of cybersecurity principles and incident response procedures and the ability to work in a fast-paced environment.

Qualifications

Candidates must have 8 to 10 years of information technology experience, with at least 5 years of recent experience in conducting risk analysis, analyzing audit logs, developing a zero trust architecture, identifying system vulnerabilities, and performing threat hunting to proactively identify and mitigate risks. The most important requirement for this position is demonstrated expertise in a variety of security systems and technologies currently in place. Also required is recent experience with cloud security and advanced threat defense, firewall implementation and system penetration technology, malware detection, and network operating systems (the administration of Windows, Linux, or cloud operating systems is a plus). Experience with information technology security concepts, NIST 800-53 controls and requirements, and the MITRE ATT&CK framework is preferred, as is knowledge of the fundamentals of AI and machine learning. Candidates must also possess strong verbal and written communication skills, especially the ability to explain complex technical material clearly to senior staff, information systems professionals, and both technical and nontechnical users.

Specific duties include the following:

• Leading and participating in investigations of security incidents and ensuring rapid containment and remediation.
• Designing, implementing, and fine-tuning security tools and solutions, including Checkpoint EDR, CheckPoint VPN, iBoss, QRadar, and other security platforms.
• Developing and maintaining detection rules, alerts, and dashboards to improve visibility and threat detection.
• Integrating and optimizing threat intelligence feeds to enhance correlation and alerting capabilities.
• Troubleshooting and resolving performance issues with security tools and systems.
• Actively monitoring and managing security events, responding to alerts from SIEM and security tools.
• Aligning engineering and operations activities with federal requirements such as NIST 800-53, FISMA, and FedRAMP.
• Evaluating and recommending enhancements to security tools and processes.
• Staying current with emerging threats, vulnerabilities, and industry best practices to continuously evolve the security environment.
• Keeping track of tasks to ensure they are completed efficiently.

Additional Information

Candidates must be able to obtain and maintain a top-secret security clearance. A bachelor s degree preferably in computer science, information technology, cybersecurity, or a related field is required. CISSP, CISM, CompTIA Cloud+, Security+, Pen Test, and/or other applicable certifications are desirable.

Salary and Benefits

The salary will be competitive and commensurate with experience, education, and other qualifications. CBO offers and a collegial, respectful work environment.

How to Apply

Please submit a cover letter, a resume, and contact information for three references on CBO's website. The deadline to apply May 27, 2025; however, this job posting may close sooner if a suitable candidate is found. This position is covered by the Veterans Employment Opportunities Act of 1998 as made applicable to CBO by the Congressional Accountability Act, as amended.