Security Information and Event Management (SIEM)/Linux Administrator

Clearance Level: Top Secret
Category: Systems Administration
Location: Wiesbaden, Germany

REQ#: RQ120657

Travel Required: Less than 10%
Requisition Type: Regular

GDIT has an exciting opportunity for a Security Information and Event Management (SIEM)/Linux Administrator to support U.S. Army Europe in Wiesbaden, Germany.

The SIEM/Linux Administrator will serve as a member of a Systems team as the Security Information and Event Management (SIEM)/Linux administrator. The SIEM administrator will be responsible for ensuring that logs are collected from systems and devices across the architecture into the SIEM system for analysis.

Creates queries, dashboards, and visualizations to support customer requirements and monitoring of the SIEM deployment. 

The SIEM Admin will be responsible for coordinating with network administrators to tune IDS/IPS devices. The SIEM Admin will also identify and integrate internal and external data sources, create queries, and maintain SIEM dashboards. The SIEM Admin will apply current STIGs and system updates to ensure SIEM system compliance.

Qualifications:

  • US Top Secret Security Clearance (or Secret with SSBI)

  • BA Degree and 5-7 years' experience

  • Must be able to obtain German TESA

  • Must possess DoD 8570 certification

  • Red Hat Certified System Administrator (RHCSA) or higher certification preferred.

  • Certification in Splunk or other SIEM solution desired.

  • 2-5 Years' experience in managing and working with Splunk, ArcSight, Elastic, or RSYSLOG required.

  • Experience working with log formats for syslog, http logs, and DB logs required.

  • Knowledge of industry standard design patterns in common languages such as Java and Unix / Linux shell scripting preferred.

  • Experience using STIGs and maintaining SIEM system compliance required.

  • Knowledge of Linux and Windows platforms and their logging characteristics preferred.

  • Experience with advanced scripting languages (e.g. Python, Groovy, PowerShell, Gradle, JSON, JavaScript) preferred.

  • Knowledge of version control systems (Git, Bitbucket) preferred.

  • Knowledge of network security zones, firewall, IDS preferred.


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.