The Program is looking for a SIEM (Security Information and Event Management) Engineer to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology to support a nationally significant and fast-paced program. Program execution follows DEVOPS best practices and employs robust development, test and production environments. We are using Behavior Driven Development (BDD) and test automation tools alongside a full suite of team collaboration tools. Leidos is the prime contractor providing system engineering, development, test, integration and operational support. The program focused on injecting new technology and adding advanced capabilities while continuing to support an on-going mission and operational system.
The SIEM Engineer is responsible for configuring the collection, parsing, correlation, and visualization of events for a critical operational system. The successful candidate will demonstrate strong skills in system administration, log management, event correlation, and threat detection.
The SIEM Engineer will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine if the systems being monitored are operating normally. This individual will work on a team responsible for configuring the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. She/he will also support the integration of resources across teams to better define the audit data being collected to eliminate false positives and false negatives from the data.
- 4 years of relevant experience are required. Additional experience may be substituted for a degree.
- At least 2 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
- Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
- Experience creating Dashboards and Analytics within SIEM tools.
- Experience working with monitoring systems supporting auditing, incident response, and system health.
- The ability to troubleshoot problems related to data solutions
- Bachelor’s Degree in Information Assurance or related field
- Network Security Operations Center (SOC) experience preferred.
- Experience and talent in data visualization.
- Experience creating workflows for Incident Response within a SIEM Tool.
- Security+ Certification.
- GIAC Certified Incident Handler Certification.
- GIAC Cyber Threat Intelligence Certification.
- Cybersecurity certifications
- SIEM training