SkyePoint Decisions, Inc.

SIEM Integration Engineer

ID: 2017-1502
Job Location: US-MD-Beltsville
Job Type: Immediate Hire
Category: Information Technology

Overview

The SIEM Integration Engineer will perform various tasks and hold key responsibilities within a newly created team in Beltsville, MD.

The successful candidate will possess deep technical knowledge of and experience in the deployment and administration of distributed Splunk environments. The successful candidate will also possess deep technical knowledge of a number of security technologies, have a solid understanding of information security and networking, and have extensive experience interacting with customers. The SIEM Integration Engineer is responsible for integration of client-specific SIEM management solutions.

Responsibilities

  • Maintain a distributed Splunk environment.
    • Configure/update license pools and server classes
    • Maintain indexer clusters
    • Maintain search head clusters
    • Configure LDAP strategies
  • Support tool research and participation in the acquisition decision of SIEM devices.
  • Actively participate and represent the Agency in Cybersecurity and Infrastructure Management Tool projects to ensure their effective support of Agency functions.
  • Perform baseline deployment of clients' SIEM.
  • Responsible for Cybersecurity/System Tool Configuration Management.
  • Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance.
  • Responsible for the technical planning and execution of the implementation plan, leading the technical aspects of implementations of multivendor/multi-device/platform solutions.
  • Perform technical troubleshooting in complex network environments to identify and eliminate network or security configuration issues.
  • Complete integration projects independently and as part of a larger project team, often under pressure with tight schedules.
  • Configure backups, verify custom reports, manage log source groups and validate log sources with client.
  • Create custom rules/rule modifications and custom reports as needed.
  • Create SIEM user accounts.
  • Add/Remove log sources. Troubleshoot issues with log sources or systems with vendor and report system defects as needed. 
  • Manage product enhancement.
  • Perform software upgrades, updates and patches as needed.
  • Create client-specific Watch Lists where needed.
  • Position requires mentoring and training of Jr SIEM Engineers.
  • Create custom documentation for internal needs.

Qualifications

  • Bachelor’s degree or equivalent experience
  • Active Top Secret
  • 5+ years of related experience
  • 2+ years Managed Security Services or Information Security experience
  • 2+ years Linux or UNIX experience
  • 1+ year of SIEM Engineering experience
  • Working knowledge of SIEM technology including experience in configuring and managing these technologies
  • Demonstrated understanding of Information Security regulations, frameworks, requirements and how to map a client’s security needs to a SIEM solution
  • Security and/or Network understanding in the following:
    • Basic routing principles and networking fundamentals
    • Well known protocols and services
    • Packet Analysis Tools
  • Experience in tools such as:
    • Remedy
    • ArcSight
    • FireEye
    • Check Point
    • Cisco ASA
    • Active Directory
    • Splunk
    • ForeScout
    • Network Design
  • Excellent verbal and written communication skills.
  • Excellent communication and presentation skills.

Certifications:

  • Highly Desirable
    • Splunk Certified Admin
    • Splunk Certified Architect
  • 2 or more of the following:
    • Security+ CE
    • CISSP
    • GCIH
    • GCIA
    • GPEN
    • CEH
    • CCNA

SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customers' technology and mission requirements to successfully deliver high-quality, cost-effective services on time and on budget.

SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It's what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customers' operating environments with the security, flexibility, availability, and operational continuity required to enable today's on-the-go federal workforce to successfully and securely complete any mission -- anytime, anywhere.

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.