Principal SIEM Engineer (ArcSight & Splunk)

Capgemini Government Solutions (CGS) LLC seeks a highly motivated SIEM engineer with experience managing both ArcSight and Splunk. The ArcSight/Splunk Engineer will be responsible for configuring the collection, parsing, correlation, and visualization of events for a critical operational system. Ability to demonstrate strong skills in system administration, log management, event correlation, and threat detection and will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine if the systems being monitored are operating normally. The individual will lead efforts for configuring the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. She/he will also support the integration of resources across teams to better define the audit data being collected to eliminate false positives and false negatives from the data.

As a Principal SIEM Engineer (ArcSight & Splunk), you will be:

• Responsible for design, implementation and suppot ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
• Responsible for configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
• Responsible for troubleshooting ArcSight or Splunk dataflow issues between the various event flow components
• Responsible for configuring and deploying data collection for a variety of operating systems and networking platforms
• Responsible for creating Dashboards and Analytics within SIEM tools
• Working with monitoring systems supporting auditing, incident response, and system health
• Responsible for understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps

Required Qualifications:

• US citizenship is required.
• Top Secret with SCI eligibility.
• Bachelor's degree in information technology, Computer Science, Information Systems, or related field.
• A minimum of 8 years of related cybersecurity experience.
• A minimum of east 4 years of experience with either ArcSight or Splunk
• Experience in design, implementation, and support of ArcSight or Splunk core components, including: ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
• Experience with configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
• Experience with troubleshooting ArcSight or Splunk dataflow issues between the various event flow components
• Experience configuring and deploying data collection for a variety of operating systems and networking platforms
• Experience creating Dashboards and Analytics within SIEM tools
• Experience working with monitoring systems supporting auditing, incident response, and system health
• Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps
• The ability to troubleshoot issues with log feeds, search time, and field extractions
• The ability to troubleshoot problems related to data solutions.

Desired Skills:

• Network Security Operations Center (SOC) experience
• Experience and talent in date correlation
• Experience creating workflows for Incident Response within a SIEM Tool
• GIAC Certified Incident Handler Certification
• GIAC Cyber Threat Intelligence Certification
• Cybersecurity certifications
• Formal SIEM training

Life at Capgemini

Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:

• Flexible work
• Healthcare including dental, vision, mental health, and well-being programs
• Financial well-being programs such as 401(k) and Employee Share Ownership Plan
• Paid time off and paid holidays
• Paid parental leave
• Family building benefits like adoption assistance, surrogacy, and cryopreservation
• Social well-being benefits like subsidized back-up child/elder care and tutoring
• Mentoring, coaching and learning programs
• Employee Resource Groups
• Disaster Relief

About Capgemini

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 360,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast-evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2022 global revenues of €22 billion.

Get The Future You Want | www.capgemini.com

Disclaimer

Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.

Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.

Click the following link for more information on your rights as an Applicant http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is $155,000- 165,000.

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full-time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c). 

Salary : $155,000 - $165,000