Cybersecurity Engineer - SIEM Elastic(Primarily Remote)

  • Hanover, MD
  • Posted 60+ days ago | Updated 6 hours ago

Overview

Remote
On Site
Full Time

Skills

Extract
transform
load
Design documentation
Business requirements
Information Technology
Security engineering
Vulnerability management
Systems architecture
Information security
Cyber security
SIEM
Recruiting
Analytics
Dashboard
Data
Visualization
Administration
Optimization
Presentations
Management
Cloud computing
Splunk
DICE
STIG
Regulatory Compliance
DoD
Risk management framework
Information assurance
Amazon Web Services
Microsoft Azure
CompTIA
System on a chip
Security clearance

Job Details

ASRC Federal Broadleaf Division is hiring for a Cybersecurity Engineer (SIEM) to support the DCSA in Hanover, MD.

JOB DESCRIPTION:
  • ASRC is hiring a SIEM Engineer to support onsite in Hanover MD. This position has been approved for hybrid support (1 days onsite/4 days remote).
  • This is a technical, hands-on role responsible for the successful operation of a variety of cybersecurity tools, logging framework, and cybersecurity infrastructure
  • Support written technical deliverables for customers and build new capabilities
  • Contributions to infrastructure, data pipeline, analytics dashboards, and other resources will be delivered to threat analysts for consumption
  • Enhance the Joint Staff's ability to secure systems and networks through implementation of the Elastic product family's SIEM tool
  • Facilitate data ingestion of logs including Extract, Transform, and Load (ETL) functions to develop dashboards, visualization, and alerting
  • Create Standard Operation Procedures (SOPs) and perform index administration, maintenance and optimization
  • Develop daily and weekly PowerPoint presentations to brief management and the team
  • Ability to analyze security vulnerability reports and develop/implement a plan to Recognizes and seizes opportunities to improve products, services or approaches
  • Design, document, build, secure, and maintain Elastic Stack solutions deployed in the Cloud or on-premises
  • Engagement with avenues of influence (Splunk product managers, user groups, ) to align platform capabilities with business requirements


#Broadleaf

#dice

Responsibilities

BASIC QUALIFICATIONS:
EXPERIENCE:
  • At least five (5) years of experience in information technology or security engineering and three (3) years of direct Elastic administration experience
  • Experience with developing automated capabilities for securing environments.
  • Experience with STIG compliance and vulnerability management
  • Knowledge of JFQ DoDIN DoD 8510.01 RMF IA Controls (IACs) and implementation.
  • Requires an extensive knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies
  • Ability to mitigate critical vulnerabilities.


ADDITIONAL DESIRED SKILLS
  • Swimlane - Integration
  • DevSecOps experience
  • Cloud certifications and experience (AWS, Azure)

EDUCATION
  • Bachelor's degree in Information Security or related field and/or equivalent combination of experience.


CERTIFICATION(S)
  • DoD 8140/8570 IAT Level II/III certifications required
  • One or more certifications:
  • GIAC Certified Detection Analyst (GCDA)
  • CompTIA Cybersecurity Analyst (CySA+)
  • Elastic Certified Engineer
  • Elastic Certified Analyst
  • Elastic Certified Observability Engineer
  • Certified SOC Analyst (EC-CSA)


CLEARANCE LEVEL:
  • Minimum Secret
  • Ability to obtain and maintain Top Security/SCI clearance