SIEM Engineer

Summit 7 Systems
Posted 1d · $100,000 · Hybrid

About The Position

Summit 7 is here to rise above the ordinary. The work we do here goes far beyond day-to-day projects - it further protects the US defense industrial base from cyber threats, fosters thought leadership, and creates growth opportunities. Our support staff, sales team and technicians are all coming together to make a difference. We also recognize that you're a person with life beyond work; that's why we invest in meaningful health and welfare benefits such as:

  • Excellent health/dental benefits from BCBS and Ameritas
  • See into the future with our luxurious VSP vision benefits
  • Prepare for the long-haul courtesy of our 401k with company matching
  • 10 days' vacation, 7 days sick time
  • Bonuses and salary increase potential via our certifications plan

We do cool work here, defying expectations by simply being who we are - each of us makes an impact.

Position Summary: Summit 7 is seeking an experienced Security Infrastructure Support SIEM & Data Pipeline Technical Lead/SME. The ideal candidate will have extensive experience designing, installing, maintaining, and supporting Enterprise IT systems, with a strong focus on SIEM solutions, data pipelines, and cybersecurity.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; or equivalent experience.
  • 5+ years of experience designing, installing, maintaining, and supporting Enterprise IT systems.
  • 3+ years of specific experience with cybersecurity tools or SIEM implementation and administration.
  • Expert in cybersecurity process and operational improvements (5 years).
  • Functional and operational knowledge of ITSM and Support Tiering (3 years).
  • Solution and architecture development concepts and processes (3 years).
  • Configuration Management (1+ years).
  • Advanced understanding of network security and related security tools and network concepts.
  • Practitioner experience with Risk Management Frameworks, specifically NIST.
  • Experience with a hybrid infrastructure (on-prem and cloud) environment.
  • Demonstrated familiarity with cloud security concepts, services, and operations (Azure, O365), including migrations, security hardening, and related logging services.
  • In-depth experience with SIEM solutions, data collection tools, and proficiency with log routing, filtering, and transformation tools.
  • Deep understanding of log formats (CEF, LEEF, JSON, XML), log normalization, data enrichment, and event correlation.
  • Experience with CI/CD tools and DevOps practices for creating reliable and repeatable data pipelines.
  • Strong scripting skills, particularly in JavaScript and Python, for automation and pipeline development.
  • Ability to write complex queries using languages like SPL (Splunk) or SQL.
  • Demonstrated verbal and written communication skills for explaining complex security concepts such as data pipelines and data dictionaries to technical and non-technical stakeholders as well as executive-level reporting.
  • Hands-on experience with federal cybersecurity compliance frameworks (FISMA, NIST 800-53, NIST 800-92, OMB M-21-31, CDM).
  • Strong problem-solving and analytical abilities for identifying and addressing security issues and root causes.
  • Proven experience working with third-party vendors and cross-functional teams.

Nice To Haves

  • Advanced degree in Computer Science, Information Technology, Cybersecurity, or related field.
  • Additional relevant certifications such as CISSP, CEH, or SIEM-specific certifications.
  • Understanding of data governance and the MITRE ATT&CK framework.
  • Familiarity with automated data management and monitoring tools.
  • Knowledge of compliance management tools and practices.

Responsibilities

  • Design, install, maintain, and support SIEM solutions and enterprise IT systems.
  • Develop and manage data collection, log routing, filtering, and transformation tools.
  • Ensure seamless integration of SIEM solutions into a hybrid infrastructure (on-prem and cloud).
  • Implement cloud security best practices, including migrations, security hardening, and logging services for Azure and O365.
  • Develop and manage reliable data pipelines using CI/CD tools and DevOps practices.
  • Create and maintain log normalization, data enrichment, and event correlation processes.
  • Write complex queries using languages like SPL (Splunk) or SQL to analyze and transform data.
  • Provide detailed verbal and written communication to explain complex security concepts to both technical and non-technical stakeholders as well as executive-level reporting.
  • Ensure compliance with federal cybersecurity frameworks (FISMA, NIST 800-53, NIST 800-171, OMB M-21-31, CDM).
  • Collaborate with third-party vendors and cross-functional teams to enhance security practices and system integrations.
  • Stay updated on the latest trends and best practices in SIEM technologies, data pipelines, and cybersecurity.
  • Design and evaluate end-to-end systems through their entire life cycle with a focus on Cyber Security and Risk Management.
  • Ensure products and systems comply with requirements and customer information assurance and cybersecurity standards.
  • Conduct software and systems engineering and software systems research to develop new capabilities.
  • Conduct comprehensive technology research to evaluate potential vulnerabilities.
  • Author the strategy for, and perform, testing, implementation, maintenance, and administration of the security infrastructure hardware and software.
  • Address the full range of security issues, including architecture, firewalls, electronic data traffic, and network access.
  • Employ encryption technology, perform penetration and vulnerability analysis of various security technologies, and conduct information technology security research.
  • Ensure the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints.
  • Develop cybersecurity engineering architectural artifacts and analyze systems engineering artifacts provided/created by others for future cyber operational concerns.
  • Participate in special initiatives aimed at addressing critical technical issues and fulfilling organizational needs.
  • Assist in team onboarding training and the recruiting of new team members.

Benefits

  • Excellent health/dental benefits from BCBS and Ameritas
  • See into the future with our luxurious VSP vision benefits
  • Prepare for the long-haul courtesy of our 401k with company matching
  • 10 days' vacation, 7 days sick time
  • Bonuses and salary increase potential via our certifications plan