Job Requirements
Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a SIM Architect to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Security Information Management (SIM) Architect to support the design, development, and implementation of security information management architectures, strategies, and solutions in support of the U.S. Small Business Administration (SBA). The ideal candidate is a senior-level cybersecurity and architecture professional with deep expertise in security information management, SIEM platforms, log management, security analytics, and the integration of security data sources within complex federal government environments. This individual will serve as the subject matter expert and technical leader for SBA's security information management architecture, driving the strategic design, implementation, and continuous improvement of SBA's security data collection, correlation, analysis, and reporting capabilities to support effective detection, response, and compliance activities across the enterprise.
The SIM Architect will serve as the senior technical lead and SME for security information management architecture and implementation at the SBA, working closely with SBA's IT leadership, security operations teams, network and infrastructure teams, application teams, and external partners to design, build, and continuously improve a robust and scalable security information management capability that supports SBA's cybersecurity mission and federal compliance requirements.
Principal responsibilities will include but are not limited to:
Education and Experience:
Required:
Desired:
Required Skills and Competencies:
Desired Skills and Competencies:
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Security Information Management (SIM) Architect to support the design, development, and implementation of security information management architectures, strategies, and solutions in support of the U.S. Small Business Administration (SBA). The ideal candidate is a senior-level cybersecurity and architecture professional with deep expertise in security information management, SIEM platforms, log management, security analytics, and the integration of security data sources within complex federal government environments. This individual will serve as the subject matter expert and technical leader for SBA's security information management architecture, driving the strategic design, implementation, and continuous improvement of SBA's security data collection, correlation, analysis, and reporting capabilities to support effective detection, response, and compliance activities across the enterprise.
The SIM Architect will serve as the senior technical lead and SME for security information management architecture and implementation at the SBA, working closely with SBA's IT leadership, security operations teams, network and infrastructure teams, application teams, and external partners to design, build, and continuously improve a robust and scalable security information management capability that supports SBA's cybersecurity mission and federal compliance requirements.
Principal responsibilities will include but are not limited to:
- Serve as the senior SME and technical lead for security information management architecture at the SBA, providing expert guidance, strategic direction, and technical leadership on all aspects of SBA's SIEM platform, log management infrastructure, security analytics capabilities, and related security data management solutions.
- Develop, maintain, and continuously refine SBA's security information management architecture strategy, roadmap, and implementation plan, ensuring alignment with NIST cybersecurity frameworks, FISMA requirements, federal continuous monitoring mandates, and SBA's overall cybersecurity strategy.
- Lead the design and development of comprehensive security information management architectural solutions encompassing log collection and aggregation, data normalization and enrichment, security event correlation, threat detection, security analytics, and reporting capabilities across SBA's enterprise IT environment.
- Assess SBA's current SIEM platform, log management infrastructure, and security data management capabilities against current and emerging requirements, identifying gaps, risks, and prioritized opportunities for architectural improvement and capability enhancement.
- Lead the design, configuration, and optimization of SBA's SIEM platform, ensuring it is architected to effectively collect, normalize, correlate, and analyze security data from all relevant sources across SBA's on-premises, cloud, and hybrid IT environments.
- Develop and maintain comprehensive security information management architecture documentation including reference architectures, data flow diagrams, log source onboarding guides, correlation rule development standards, and other required technical artifacts.
- Lead the development and implementation of SIEM correlation rules, detection logic, and alerting configurations, ensuring they are aligned with current threat intelligence, the MITRE ATT&CK framework, and SBA's specific risk environment and detection requirements.
- Oversee the onboarding and integration of new log sources and security data feeds into SBA's SIEM platform, developing and enforcing standards for log source onboarding, data normalization, and data quality management.
- Collaborate with SBA's SOC, incident response, and cyber defense teams to ensure the security information management architecture effectively supports threat detection, investigation, and response activities, and continuously refine detection capabilities based on operational experience and lessons learned.
- Lead the design and implementation of security analytics capabilities within SBA's security information management environment, including the development of dashboards, reports, and metrics that provide actionable security insights for both operational teams and SBA senior leadership.
- Support the integration of threat intelligence feeds and platforms into SBA's SIEM architecture, ensuring threat intelligence is effectively operationalized to enhance detection and response capabilities.
- Provide expert guidance on the architecture and integration of complementary security technologies including SOAR platforms, user and entity behavior analytics (UEBA) solutions, network detection and response (NDR) tools, and other security data sources into SBA's security information management ecosystem.
- Collaborate with SBA's continuous monitoring and compliance teams to ensure the security information management architecture supports FISMA continuous monitoring requirements, CDM program integration, and other federal compliance reporting obligations.
- Evaluate, recommend, and support the implementation of new security information management tools, technologies, and platforms to continuously enhance SBA's security data management and analytics capabilities.
- Provide technical leadership, mentorship, and guidance to SOC analysts, security engineers, and other technical staff on SIEM operations, log management, correlation rule development, and security analytics best practices.
- Develop and deliver security information management architecture briefings, progress reports, and technical recommendations for SBA senior leadership and stakeholders.
- Stay at the forefront of security information management technology developments, threat detection methodologies, and federal cybersecurity requirements, applying this knowledge to continuously improve SBA's security information management architecture and capabilities.
Education and Experience:
Required:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Systems Engineering, or a related field from an accredited college or university, OR equivalent combination of education and extensive relevant work experience.
- 8+ years of progressive experience in cybersecurity and/or enterprise architecture, with significant demonstrated experience in SIEM architecture, design, implementation, and management in a federal government or large enterprise environment.
- Demonstrated expert-level knowledge and hands-on experience with enterprise SIEM platforms such as Splunk Enterprise Security, Microsoft Sentinel, IBM QRadar, or similar, including experience designing and implementing complex SIEM architectures for large-scale federal or enterprise environments.
- Demonstrated experience with log management, security data normalization, correlation rule development, and security analytics in an operational security environment.
- One or more of the following certifications: Splunk Certified Architect, Microsoft Certified: Azure Sentinel Engineer, Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), or equivalent senior-level cybersecurity or security architecture certification.
Desired:
- Master's degree in Cybersecurity, Information Technology, Systems Engineering, or a related field.
- Prior experience designing and implementing SIEM architectures in support of a federal civilian agency, preferably the SBA or a similar organization.
- GIAC Security Expert (GSE), IBM QRadar Certified Deployment Professional, or other relevant advanced SIEM or cybersecurity architecture certifications.
Required Skills and Competencies:
- Expert-level knowledge of security information management principles, architectures, and best practices including SIEM platform design, log management, security data normalization, event correlation, threat detection, and security analytics in a federal government or large enterprise environment.
- Demonstrated expert-level hands-on experience with enterprise SIEM platforms such as Splunk Enterprise Security, Microsoft Sentinel, IBM QRadar, or similar, including experience designing, implementing, and optimizing complex SIEM architectures for large-scale environments.
- Deep expertise in log management and security data management including log collection architectures, data normalization and enrichment methodologies, log source onboarding processes, and data quality management practices.
- Extensive experience developing and optimizing SIEM correlation rules, detection logic, and alerting configurations aligned with the MITRE ATT&CK framework, threat intelligence, and operational security requirements.
- Strong experience with security analytics, dashboard development, and reporting within SIEM platforms, with the ability to develop actionable security insights and metrics for both technical and executive audiences.
- Solid understanding of federal cybersecurity frameworks, requirements, and guidance including NIST SP 800-53, NIST SP 800-137, FISMA, CDM program requirements, and relevant OMB and CISA directives, and their application to security information management architecture design and operations.
- Experience integrating threat intelligence feeds and platforms into SIEM architectures to enhance detection and response capabilities.
- Strong knowledge of network security, endpoint security, cloud security, and application security technologies and their log sources, data formats, and integration requirements within a SIEM architecture.
- Experience with cloud security monitoring and the integration of cloud-native log sources and security services from AWS, Microsoft Azure, or Google Cloud Platform into enterprise SIEM architectures.
- Advanced scripting and programming skills in Python, PowerShell, SPL (Splunk Processing Language), KQL (Kusto Query Language), or similar languages for SIEM query development, data analysis, and automation of security information management tasks.
- Exceptional written and oral communication skills in English, with the ability to clearly communicate complex SIEM architecture concepts, technical designs, and security analytics findings to both technical teams and senior non-technical audiences.
- Strong leadership and mentorship skills with demonstrated experience providing technical guidance and developing the SIEM and security analytics capabilities of SOC analysts and security engineering staff.
- Ability to obtain and maintain a Public Trust clearance as required by the SBA.
Desired Skills and Competencies:
- Prior experience designing and implementing SIEM architectures in support of the SBA or a similar federal civilian agency.
- In-depth familiarity with SBA's IT environment, security operations, and cybersecurity program, including an understanding of the unique challenges and opportunities associated with designing and implementing security information management solutions within the SBA environment.
- Experience with SOAR platform architecture and integration, including the design and implementation of security orchestration and automation workflows that leverage SIEM data to accelerate detection and response activities.
- Advanced knowledge of user and entity behavior analytics (UEBA) solutions and their integration into enterprise SIEM architectures to enhance insider threat and anomaly detection capabilities.
- Experience with network detection and response (NDR) technologies and their integration into the broader security information management ecosystem to provide comprehensive network visibility.
- Expert knowledge of the MITRE ATT&CK framework and its practical application to SIEM detection rule development, threat hunting, and security analytics within a federal agency environment.
- Experience with the CDM program and its data feeds, reporting requirements, and integration with agency SIEM and security information management architectures.
- Familiarity with data lake and big data analytics architectures and their application to security information management, including experience with platforms such as AWS Security Lake, Microsoft Sentinel, or similar cloud-native security data management solutions.
- Splunk Certified Architect, Splunk Enterprise Security Certified Admin, Microsoft Certified: Azure Sentinel Engineer, IBM QRadar Certified Deployment Professional, or other relevant advanced SIEM platform certifications.
- Experience supporting federal continuous monitoring programs and CDM agency dashboard integration in alignment with CISA CDM program requirements.
- Knowledge of data privacy requirements and their application to security log management and retention practices within a federal agency environment.
- Experience evaluating and implementing emerging security information management technologies and approaches, including AI/ML-based threat detection and security analytics capabilities, within a federal government context.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
group id: 10201473