Security Infrastructure Support SIEM & Data Pipeline Tech Lead

INTERNETWORK CONSULTING SERVICES LLC

Today
Public Trust
Senior Level Career (10+ yrs experience)
IT - Database
Remote/Hybrid, Bethesda, MD (On/Off-Site)

ICS is currently searching for a Security Infrastructure Support SIEM & Data Pipeline Technical Lead/SME for a new contract within the National Institutes of Health.

Employee(s) performing SIEM & Data Pipeline Technical Lead/SME functions must demonstrate credentials that reflect the following knowledge, skills, and experience:
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field experience preferred.
• 10+ years of experience designing, installing, maintaining, and supporting Enterprise IT systems.
• 5+ years of experience at the Senior Engineer level or higher.
• 3+ years of specific experience with Cybersecurity tools or SIEM implementation and administration is required.
• Experience with a hybrid infrastructure (on-prem and cloud) environment.
• Demonstrate familiarity with cloud security concepts, services, and operations (AWS, Azure, O365) including migrations, security hardening, and related logging services.
• In-depth experience with SIEM solutions, data collection tools, and proficiency with log routing, filtering, and transformation tools.
• Deep understanding of log formats (CEF, LEEF, JSON, XML), log normalization, data enrichment, and event correlation.
• Experience with CI/CD tools and DevOps practices for creating reliable and repeatable data pipelines.
• Strong scripting skills, particularly in JavaScript and Python, for automation and pipeline development.
• Ability to write complex queries using languages like SPL (Splunk) or SQL.
• Demonstrate verbal and written communication skills in explaining complex security concepts such as data pipelines and data dictionaries to technical and non-technical stakeholders as well as executive-level reporting.
• Understanding of data governance and the MITRE ATT&CK framework desired.
• Hands-on experience with federal cybersecurity compliance frameworks (FISMA, NIST 800-53, NIST 800-92, OMB M-21-31, CDM).
• Strong problem-solving and analytical abilities for identifying and addressing security issues and root causes.
• Experience working with third-party vendors and cross-functional teams.