Sr. SIEM Engineer

A top government integrator is seeking a Sr. SIEM Engineer to support a large government integrator in Washington, DC.

About the Opportunity:

• Location: Onsite in Washington, DC (slight remote work possible)


• Contract Length: open-ended contract to hour


• Hours: Core business (EST)


• U.S. Citizenship required - must pass federal background investigation for a Public Trust


• Active Public Trust Clearance or Ability to obtain a Public Trust Clearance

Responsibilities:

• Design hardware, operating systems, and software applications to adequately address cybersecurity requirements


• Develop and direct system testing and validation procedures and documentation


• Develop detailed security design documentation for component and interface specifications to support system design and development


• Conduct assessments and support the development of Agency's technical security tools (Tenable Nessus, WebInspect, Splunk, and BigFix) and other tools requested for vulnerabilities and compliance


• Implement security designs for new or existing system(s)


• Incorporate cybersecurity vulnerability solutions into system designs (e.g., Cybersecurity Vulnerability Alerts)


• Create and track metrics using the dashboard in the SIEM/eGRC solution


• Design, implement, test, and evaluate secure interfaces between information systems, physical systems, and/or embedded technologies


• Design, develop, integrate, and update system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation


• Perform security reviews and identify security gaps in architecture


• Verify stability, interoperability, portability, and/or scalability of system architecture

Qualifications:

• 8 years of experience in SIEM engineering, security monitoring, or threat detection


• Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, or a related field


• Experience working in SOC environments, threat hunting, or security engineering roles


• Experience working with federal agencies or government contractors


• Experience with log collection, parsing, and correlation across cloud and on-premise environments


• Knowledge of Cloud Security monitoring (AWS, Azure, Google Cloud Platform)


• Familiarity with Threat Intelligence, IDS/IPS, firewall logs, and EDR solutions

Desired Skills:

• Certified in: Splunk Certified Architect, Microsoft SC-200, IBM QRadar Certified, or ArcSight Specialist


• One of the following certifications: CISSP, CISM, CEH, GCIA, GCIH, OSCP, etc.


• Expertise in SIEM platforms like Splunk, Microsoft Sentinel, QRadar, ArcSight, or Elastic Stack (ELK)


• Strong scripting and automation skills in Python, PowerShell, Bash, or SQL