Mid Level Security Information and Event Management (SIEM) Engineer
Company: ECS
Location: Suitland, MD 20746
Description:
ECS is seeking a Mid Level Security Information and Event Management (SIEM) Engineer to work in our Suitland, MD office.
ECS is a rapidly growing information security and information technology company in Washington, DC. We are looking for an experienced and motivated Mid-Level SIEM Engineer with a focus on Azure Sentinel, cloud security, and event management. The successful candidate will have a strong background in managing SIEM systems, specifically within Azure environments, and a deep understanding of cloud security and event management practices. The role is a long-term contract in Washington, DC; the position is full-time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.
Position Responsibilities:
- Train and mentor junior security analysts and other team members on SIEM-related tasks.
- Provide guidance on best practices for log management, threat detection, and incident response.
- Maintain detailed documentation of SIEM configurations, processes, and procedures.
- Generate and present regular reports on SIEM performance, security incidents, and compliance metrics.
- Create and update incident response playbooks and runbooks.
- Support internal and external audits by providing necessary documentation and evidence.
- Regularly review and optimize SIEM system performance, including log ingestion, storage, and query efficiency.
- Troubleshoot and resolve issues related to SIEM system performance and reliability.
- Integrate the SIEM system with various log sources, including network devices, servers, applications, and cloud environments.
- Automate repetitive tasks and workflows using scripting languages like Python or PowerShell or tools such as Ansible.
- Stay up-to-date with the latest security threats, vulnerabilities, and attack vectors.
- Develop, implement, and update SIEM use cases, correlation rules, and dashboards.
- Ensure the SIEM system integrates effectively with other security tools and data sources.
- Utilize threat intelligence to enhance the SIEM system's detection capabilities.
Salary Range: $75,000 - $86,500
General Description of Benefits
- Proficiency in event management tools and techniques.
- Understanding of security frameworks, Executive Orders and compliance standards (e.g., NIST, ISO 27001, Executive Order 14028, GDPR).
- Familiarity with cloud security principles and practices, preferably with a focus on Azure.
- Excellent communication and documentation skills.
- Ability to work independently and as part of a team.
- Strong background in event management and incident response.
Certifications/Licenses:
- 5+ years of security engineering experience, including SIEM (Security Information and Event Management) administration, deployment, and/or architectural design
- Certifications such as Azure Security Engineer, GIAC Certified Incident Handler (GCIH), GIAC Cloud Security and DevSecOps Automation (GCSA) or similar.
- Active Public Trust clearance or eligible to obtain a Public Trust clearance