ESS SIEM Engineer

ESS SIEM Engineer

Vacancy expired!

Description

Job Description:

Leidos is seeking a SIEM Engineer that will be part of the Enterprise Security Services (ESS) team on the NOAA Cyber Security Center and Department of Commerce ESOC contract. The primary focus for the SIEM Engineer is to be able to configure, manage, operate, and administrate the SIEM managed platform. In addition, the candidate must have a strong understanding of information security and networking, and extensive experience interacting with end users. The SIEM Engineer serves as an escalation point for critical and complex client issues and assists with developing and documenting work processes.

BASIC QUALIFICATIONS:

• Bachelor's degree in technical field or equivalent experience and 3 - 5 years of prior relevant experience or Masters with less than 3 years of prior relevant experience.
• Must be able to obtain and maintain security clearance, specifically DoD/Top Secret Clearance or TS/SCI (Interim Secret acceptable).
• Detailed understanding of the TCP and IP protocol suites and ability to dissect and explain the contents of traffic and packets.
• Ability to multi-task in a deadline-oriented environment.
• Demonstrated ability to work well independently in a remote environment.
• Experience with configuration of debug, event generation and logging functionality within application and operating systems, using Syslog or flat file generation.

RESPONSIBILITIES:

• Develop metrics and trends that demonstrate the log platform's health and operational state.
• Participate in information security audits, ensuring the technical compliance with related (e.g. PCI, ISO, etc) regulatory requirements.
• Define, document, and implement appropriate delivery, parsing, reporting, and retention of security-relevant log information.
• Assist users of the SIEM in real-time investigation and analysis.
• Research and document security best practices to continually improve the deployment and use of the SIEM.
• Maintain the health, performance, stabilization, tuning and ongoing planning of the SIEM platform.
• Work with other teams in the integration of security tools with the SIEM.
• Develop new SIEM content including correlation rules, dashboards, reports, and alerts that appropriately characterize the importance of events of interest found in multiple environments.

PREFERRED QUALIFICATIONS:

• Experience with ArcSight SIEM platform.
• Hands on experience with Windows and LINUX servers.
• Experience in a Security Operations Center (SOC).
• Active Security+, CISSP, or similar information security certifications.
• Active Secret clearance.

Leidos is growing! Connect with us on LinkedIn and Facebook.

We value and support the well-being and mobility of our employees with competitive benefit packages, complementary e-learning training, work-life flexibility, an exciting External Referral Program, and a diverse, inclusive and ethical work place. In fact, in 2020, Leidos was ranked as one of the World's Most Ethical Companies by the Ethisphere Institute for the third consecutive year.

External Referral Bonus:
Eligible

Potential for Telework:
Yes, 75%

Clearance Level Required:
Secret

Travel:
Yes, 10% of the time

Scheduled Weekly Hours:
40

Shift:
Day

Requisition Category:
Professional

Job Family:
Cyber Operations

Pay Range:
Pay Range $71,500.00 - $110,000.00 - $148,500.00