Sr Security Information and Event Management (SIEM) Engineer

Job Description

ECS is seeking an Sr Security Information and Event Management (SIEM) Engineer to work in our Seaside, CA office.

We are currently seeking a skilled SIEM Engineer who possesses a keen interest in expanding their expertise to encompass Splunk technologies. This role offers an exciting opportunity for individuals eager to delve into the dynamic realm of Splunk Operations and Development while leveraging their existing proficiency in Windows and Linux environments.

• Designs, maintains, and operates highly complex and highly secure centralized logging environments.
• Builds use cases and dashboards dependent on requirements.
  Maintains and manages changes within the SIEM environment.
  Work closely with the Incident Response team on handling incident and problem management for the SIEM infrastructure.
  Facilitates the integration of new data sources into the SIEM..
• Develop detailed security design documentation for component and interface specifications to support system design and development.
• Conduct Assessments and support the development of Agency's technical security tools.
• Create and track metrics using the dashboard in the SIEM solution
• Reviews security events that could be a detriment to the organization's overall security stance.

Salary Range: $150,000 - $170,000

Required Skills

• Active DoD 8570 IAT Level 2 or 3 certification for compliance, including at least one of the following certifications in good standing: CISSP, CCSP, Security+, CND, or SSCP.
• Bachelor's degree and 8+ years of Information Technology or Cybersecurity related experience.
• Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders.
• Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions.
• Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk.
• Knowledge of DoD cybersecurity policies, practices, and requirements.
• Strong organizational skills.

Desired Skills

• Strong experience with Splunk and Splunk Enterprise Security.
• Hands-on experience working with APIs and custom scripting such as PowerShell, Python, or Bash.
• Support in Enterprise Environment.
• Strong technical writing skills.

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.