We are GDIT. Contributes to the completion of major engineering programs and may function in a project leadership role.
The scope of the program is to deliver Enterprise Information Technology as a Service (EITaaS) to satisfy classified IT requirements, improve the user experience/productivity, and increase mission effectiveness. The customer desires to consolidate multiple disparate expenditures and IT projects into a consolidated enterprise while still allowing users the ability to tailor their services and service levels to meet mission requirements. Under this service model the customer recognizes that EITaaS will drive changes in how IT services are established, invoiced, delivered, and consumed. The customer seeks to achieve an enduring, robust, efficient, responsive, agile, extensible, and secure IT architecture that is appropriately staffed and resourced to meet the demands of current and future programs and users.
The Senior SIEM Engineer designs, engineers, documents and implement changes for the selected SIEM solution. Elastic Security SIEM’s offering is currently in use with plans to evaluate Azure Sentinel. Participates in technical reviews, teams, and discussions as needed to include: Engineering Review Teams (ERT), project and other technical implementation teams, and the Architecture Engineering Review Panel (AERP). Training or experience interacting with or configuring Azure Sentinel, Azure Security Center and Azure Stack Hub would be highly desirable. The ideal candidate will be a motivated self-starter with excellent written and verbal communication skills, who exceeds as an individual, as well as, excels among peers in a team environment. The individual should possess a passion for operational excellence and a background in security operations and hands-on experience with SIEM implementation, understanding of data onboarding and parsing and upkeep of SIEM platform to adjust in the changing threat landscape.
Minimum Education Required:
BA/BS degree in Computer Science, Information Systems, Engineering, Mathematics, or other related scientific or technical discipline is preferred
Allowable Substitution: Six (6) years of related experience or four (4) years of related experience with an AA/AS degree
Minimum Experience Required:
10+ years of relevant industry experience
Develop metrics and trends that demonstrate the log platforms health and operational state.
Participate in information security audits, ensuring the technical compliance with related regulatory requirements.
Define, document, and implement appropriate delivery, parsing, reporting, and retention of security-relevant log information.
Research and document security best practices to continually improve the deployment and use of the SIEM.
Maintain the health, performance, stabilization, tuning and ongoing planning of the SIEM platform.
Work with other teams in the integration of security tools with the SIEM.
Develop new SIEM content including correlation rules, dashboards, reports, and alerts that appropriately characterize the importance of events of interest found in multiple environments.
Ability to work with little supervision in high stress / high visibility environments with time sensitive requirements. Ability to work independently and as part of a team. Ability to take direction and retain information
Applies advanced methods, theories and research techniques in the investigation and solution of the complex system requirements and problems. Develops training tools and documentation; oversees implementation of same
Provides technical consultation on current and proposed systems to other organizations and clients
Assist in the planning and performing of analytical research, design development, and other assignments in conformance with design, engineering and customer specifications
Applies new solutions through research and collaboration with team and determines course of action for new application initiatives
DoD 8570 Baseline Certification Requirement: IAT Level II (Security+CE or equivalent)
Desired Certification(s): IAT Level III (CASP+CE, CISSP or equivalent), Intermediate Level industry certification (i.e., Microsoft, AWS, Splunk, etc.)
Clearance Level Must Currently Possess: Top Secret/SCI
Clearance Level Must Be Able To Maintain: Top Secret SCI + CI Polygraph
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.