The successful candidate will possess deep technical knowledge on a number of security technologies; have a solid understanding of information security and networking and extensive experience interacting with customer. The SIEM Integration Engineer is responsible for integration of client specific SIEM management solutions.
• Support tool research and participation in the acquisition decision of SIEM devices.
• Actively participate and represent the Agency in Cybersecurity and Infrastructure Management Tool projects to ensure their effective support of Agency functions.
• Perform baseline deployment of clients SIEM.
• Responsible for Cybersecurity/System Tool Configuration Management.
• Responsible for SIEMs security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products and technical quality assurance.
• Responsible for the technical planning and execution of the implementation plan leading the technical aspects of the implementations of multivendor/multi-device/platform solutions.
• Lead technical troubleshooting efforts for complex network environments to identify and eliminate network or security configuration issues.
• Lead Integration projects independently and as a part of a larger project team, often under pressure with tight schedules.
• Configure backups, verify custom reports, manage log source groups and validate log sources with client.
• Create custom rules/rule modifications and custom reports as needed.
• Create SIEM user accounts.
• Add/Remove log sources. Troubleshoot issues with log sources or systems with vendor and report system defects as needed.
• Manage product enhancement.
• Perform software upgrades, updates and patches as needed.
• Create client specific Watch Lists where needed.
• Position requires mentoring and training of Jr SIEM Engineers.
• Create custom documentation for internal needs.
• Bachelor’s degree or equivalent experience
• Active Secret
• 5+ years of related experience
• 2+ years Managed Security Services or Information Security experience
• 2+ years Linux or UNIX experience
• 1+ year of SIEM Engineering experience
• Working knowledge of SIEM technology including experience in configuring and managing these technologies
• Demonstrated understanding of Information Security regulations, frameworks, requirements and how to map a client’s security needs to a SIEM solution
• Security and/or Network understanding in the following:
o Basic routing principles and networking fundamentals
o Well known protocols and services
o Packet Analysis Tools
• Experience in tools such as:
o Cisco ASA
o Active Directory
o Network Design
• Excellent verbal and written communication skills.
• Excellent communication and presentation skills
• 2 or more of the following: