SIEM Lead Engineer

We are seeking a SIEM Lead Engineer/Technical PM for immediate hire, contingent upon contract award which is imminent. The successful candidate will lead a team of engineers managing the Elastic Cloud Enterprise & Elasticsearch platforms for a federal government client. You will be focused on leading a SIEM team's service delivery of an enterprise-wide Elastic SIEM cluster. This includes technical project oversight, all technical operations, client adoption, and continuous improvement of the SIEM within this agency.

Successful candidates will need to have experience in providing senior-level technical design, deployment, operations, and optimization of federal customers' SIEM installations or similar cybersecurity-related deployments.

This is an amazing opportunity for an engineering leader who thrives on protecting the US Government, and US citizens, from bad actors and teaching clients how to continuously improve cyber operations. Travel expectation is very low. The office is located near Springfield, Virginia.

Tasks within this position:
  • Successfully lead a team of engineers providing ongoing cybersecurity support to a federal customer
  • Provide pragmatic technical leadership for engineers on complex and large-scale ECE clusters deployed across 3 enclaves
  • Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations
  • Work with client to ensure the project is delivered on schedule and within budget
  • Maintain project plan, lead deliverable creation and work with PMO to ensure customer success
  • Deploy new Elastic clusters using infrastructure as code (Ansible playbooks)
  • Maintain and upgrade ECE deployments
  • Coordinate and create dashboards and reports in ELK
  • Plan and integrate log and sensor data into ELK
  • Streamline cybersecurity tactics, techniques, and procedures
  • Coordinate adoption awareness and training for the ELK SIEM
  • Manage log stats and configuration changes on the ELK back-end through scripting in Java and Python

Technical/Business Requirements
  • 12+ years of experience within the IT industry
  • 5+ years of experience with hands-on operations of sizing, monitoring, and management of SIEMs or search engines. For example, Elasticsearch, Logstash, Beats, Kibana, Splunk, AlienVault, etc.
  • 2+ years of experience leading directly reporting technical team and service delivery
  • Active DoD Secret clearance
  • Knowledge of planning and executing data retention and life cycle management plans
  • Previous responsibility for technical contract deliverable creation, review, and delivery
  • Experience integrating Elasticsearch Enterprise-wide deployments (10+ Data nodes)
  • Experience with load balancing, DNS, TLS certificate generation, and SAML integration
  • Experience working with data solutions in a professional or educational environment
  • Experience with Linux configuration and administration

Bonus points:
  • Elastic Certified Analyst (ECA) and/or Elastic Certified Engineer (ECE) certifications
  • Security+, CEH, RHCSA, LFCS or similar certifications
  • Knowledge of NIST 800-53 and DISA Security Technical Implementation Guides (STIGs), and risk management processes
  • Hands-on experience with VMware virtualization
  • Agile Scrum Certification
  • PMP Certification