Job Details

ID #46069694
State Texas
City Corpus christi
Full-time
Salary USD TBD TBD
Source General Dynamics Information Technology
Showed 2022-09-28
Date 2022-09-29
Deadline 2022-11-27
Category Et cetera
Create resume

Cloud SIEM Engineer (top secret, required) - 100% Remote

Texas, Corpus christi, 78401 Corpus christi USA

Vacancy expired!

Type of Requisition: RegularClearance Level Must Be Able to Obtain: SecretPublic Trust/Other Required: NACLC (T3)Job Family: Cyber EngineeringWe are GDIT. We stay at the forefront of innovation to solve complex technical challenges.The desired candidate will provide cybersecurity data analysis services, which designs, develops, builds, tests, configures, employs, operates, integrates, sustains, and refreshes the Security Information Events Management (SIEM) capability (i.e. Enterprise Audit), long-term analytics platform, log aggregation platform, and the cyber threat intelligence capability, signature development and deployment, and reputation management services. This includes the onboarding of all new and existing IT resources, and ensuring the correct routing of all audit events to mission partners in accordance with Joint Special Access Program Implementation Guide (JSIG) standards.The Cloud SIEM Engineer will serve as a member of the Governance Risk and Compliance (GRC) team as the SIEM)/Linux administrator. The SIEM administrator will be responsible for ensuring that logs are collected from systems and devices across the architecture into SIEM system for analysis. Engineer will be responsible for building custom dashboard supporting continuous monitoring activities. The SIEM Admin will be responsible for coordinating with tech administrators to tune systems and devices. Identify and integrate internal and external data sources, create queries and maintain SIEM dashboards. The SIEM Admin will apply current STIGs and system updates to ensure SIEM system compliance.Job Duties Included:Create queries, dashboards, and visualizations to support customer requirements and monitoring of the SIEM deployment.

Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the environment.

Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions

Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service.

Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, directives, orders, polices, guidance, procedures etc.

Perform all development, design, engineering, testing, integration, and implementation actions needed for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list. This includes ensuing all data flows are properly parsed for ingestion/transmission to internal and external automated reporting systems.

Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions

Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by Government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services

Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.

Monitoring and managing the health and performance of SIEM platform

Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews

Creating use cases and correlations alerts in the SIEM for continuous security monitoring

Security Operations experience with operating systems, or cloud infrastructures and services (Azure/AWS)

Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings

Conveying complex technical security concepts to technical and non-technical audiences including executives.

Position Requirements:TS clearance required

3+ years of experience

DoD 8570.01-M IAT Level II and CSSP Infrastructure Support certifications

Monitor systems across a complex tech stack using elastic

Certification in Elastic, Splunk or other SIEM solution

Excellent analytical and problem-solving abilities

Strong presentation and communication skills

Knowledge of concepts and solutions of security services in the Zero-Trust model

Maintains enterprise cybersecurity infrastructure requirements

Applies Elastic search experience to optimize SIEM and data utilization for long term archive

Monitors, maintains and upgrades Elasticsearch environment

Elasticsearch/Splunk expert to include infrastructure support experience

AWS cloud expert

Linux (RHEL) Expert

Bash / Python Scripting

Experience working with log formats for syslog, http logs, and DB logs required.

Knowledge of industry standard design patterns in common languages such as Java and Unix / Linux shell scripting preferred.

Desired skills:Arcsight

Splunk

Access Management

Red Hat Certified System Administrator (RHCSA) or higher certification

SOAR

User Behavior Analytics (UBA)

Beats

Log Stash

Event Broker

Experience with Logstash

Defense in depth

Security Automation

Experience with the following administrative concepts:Agile development

Cross-Functional teams

Documentation/Learning management

Process management

WHAT GDIT CAN OFFER YOU:Full-flex work week

401K with company match

Internal mobility team dedicated to helping you own your career

Collaborative teams of highly motivated critical thinkers and innovators

Ability to make a real impact on the world around you

#DEE2020 #Defense #USAF #gditcareers #kmp #cloud #ICAM #SIEM #LinuxAdministrator #remote #AWS #cjobs #dicepost #gdpost #Cloud #SIEMengineer#AFOpportunities #NDRC22 #DEEOPEN8022022 #DEEjobsCOVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Vacancy expired!

Subscribe Report job