
SIEM Engineer

We are seeking an Elastic SIEM Engineer for immediate hire, contingent upon contract award which is imminent. The successful candidate will be responsible for managing the Elastic Cloud Enterprise & Elasticsearch platforms for an agency in DHS within Swish Data’s Center of Excellence (COE). You will be focused on the day-to-day operations and improvement of the ECE cluster utilized as the SIEM function within this agency.

Successful candidates will need to be familiar with Elasticsearch, Kibana, Logstash, SOC operations, open-source security frameworks, and Linux.

This is an amazing opportunity for a cyber security engineer who thrives on protecting the US Government, and US citizens, from bad actors. Location for this position is in the Springfield VA area, primarily at a government facility.

Tasks within technical deployment and services:
  • Elastic SIEM solution development, integration, platform architecture, and capacity planning in mission-critical environments
  • Deploying additional Elastic clusters using infrastructure as code (Ansible playbooks)
  • Maintain, secure, and upgrade ECE deployments
  • Integrate log and sensor data into ELK
  • Data modeling, query development and optimization, cluster tuning and scaling with a focus on fast search and analytics at scale
  • Streamline cybersecurity tactics, techniques and procedures
  • Create dashboards and reports in ELK
  • Leverage data analytics and machine learning algorithms for cyber operations
  • Provide adoption awareness and training for the ELK SIEM
  • Working with a multi-tenant platform and working with tenants to understand requirements
  • Providing subject matter expertise to assist the rest of the team in their roles

Technical/Business Knowledge
  • 7+ years of experience with IT with a focus in Linux sysadmin or cyber operations
  • 3+ years of hands-on experience with sizing, monitoring, and management of open-source tools, including Kafka, Logstash, Beats, Elasticsearch, Kibana, or Splunk
  • Knowledge of planning and executing data retention and life cycle management plans
  • Hands-on experience administrating Elasticsearch clusters (10+ Data nodes)
  • Experience with Java, databases and Linux
  • Knowledge of information retrieval and/or analytics domain
  • Experience with load balancing, DNS, TLS certificate generation and SAML integration
  • Experience working with data solutions in a public sector
  • Excel at working directly with customers to gather, prioritize, plan and execute solutions to customer business requirements as they relate to our technologies
  • Active DOD Secret clearance

Bonus points
  • Elastic Certified Analyst (ECA) and/or Elastic Certified Engineer (ECE) certifications
  • Security+, CEH, RHCSA, LFCS or similar certifications
  • Knowledge of NIST 800-53 and DISA Security Technical Implementation Guides (STIGs), and risk management processes
  • Experience integrating enterprise-wide Elasticsearch deployments (10+ data nodes)
  • Hands-on experience with VMware virtualization
  • Experience as a technical instructor or technical writer