Top Secret
Washington, DC (On-Site/Office)
OVERVIEW:
We are seeking an experienced SIEM (Security Information and Event Management) Engineer to provide support to a mission critical customer. The selected candidate will be responsible for the design, deployment, configuration, and maintenance of SIEM systems across multiple classification enclaves.
GENERAL DUTIES:
- Support the architecture, engineering, optimization, and sustainment of Security Information and Event Management (SIEM) platforms supporting defensive cyber operations, advanced threat detection, incident response, and compliance initiatives
- Perform configuration, management, and maintenance of network firewalls, security and encryption devices, and related platforms, including IDS, NAC, and SIEM systems.
- Integrate diverse log sources including firewalls, IDS/IPS, EDR, servers, network devices, security appliances, and cloud environments.
- Optimize SIEM performance, storage architecture, data retention policies, and system scalability.
REQUIRED QUALIFICATIONS:
- 6+ years of cybersecurity experience, with at least 5 years focused on SIEM engineering in enterprise environments.
- Experience supporting federal government systems at multiple security levels, strong knowledge of federal cybersecurity frameworks, and the ability to provide technical support within a secure environment.
- Hands-on experience with one or more enterprise SIEM platforms.
- Experience engineering and sustaining SIEM solutions in classified or air-gapped environments.
- Familiarity with cross-domain solutions and secure data transfer controls.
- Strong expertise in:
  - Log normalization and parsing
  - Advanced correlation rule development
  - Threat detection engineering
  - Network protocols and traffic analysis
  - Windows and Linux security logging
DESIRED QUALIFICATIONS:
- Bachelor's degree in Information Technology, Computer Science, Information Systems or related field
- Proficiency in scripting/automation (Python, PowerShell, Bash).
- Deep understanding of MITRE ATT&CK and threat detection methodologies.
- Demonstrated ability to work independently and lead technical initiatives in highly regulated environments.
- Knowledge of Zero Trust architecture principles.
- Relevant certifications such as GIAC (GCIA, GCIH, GCED) or CISSP a plus, but not required.
CLEARANCE:
- Top Secret minimum, with the ability to obtain SCI accesses