Anavationllc2mo ago

SIEM Engineer

United States·WashingtonFull Timemid

OtherEngineerSite EngineerConstruction & Real Estate

5 views0 saves0 applied

Apply Now

Quick Summary

Overview

Be Challenged and Make a Difference In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Key Responsibilities

· Support the architecture, engineering, optimization, and sustainment of Security Information and Event Management (SIEM) platforms supporting defensive cyber operations, advanced threat detection, incident response, and compliance initiatives ·…

Technical Tools

pythontypescriptcybersecuritylinux

Be Challenged and Make a Difference

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Description of Task to be Performed:

AnaVation is seeking an experienced SIEM (Security Information and Event Management) Engineer to provide support to a mission critical customer. The selected candidate will be responsible for the design, deployment, configuration, and maintenance of SIEM systems across multiple classification enclaves.

Key Responsibilities

· Perform configuration, management and maintenance of network firewalls, security and encryption devices, including IDS, NAC and SIEM systems.

· Integrate diverse log sources including firewalls, IDS/IPS, EDR, servers, network devices, security appliances, and cloud environments.

· Optimize SIEM performance, storage architecture, data retention policies, and system scalability.

This position is on site with the customer in Washington, DC and cannot be supported remotely.

The selected candidate must possess an active TS clearance with the ability to obtain SCI accesses. Candidates

without an active TS cannot be considered.

6+ years of cybersecurity experience, with at least 5 years focused on SIEM engineering in enterprise environments.

Experience supporting federal government systems at multiple security levels, strong knowledge of federal cybersecurity frameworks, and the ability to provide technical support within a secure environment.

Hands-on experience with one or more enterprise SIEM platforms.

Experience engineering and sustaining SIEM solutions in classified or air-gapped environments.

Familiarity with cross-domain solutions and secure data transfer controls.

Strong expertise in:

Log normalization and parsing

Advanced correlation rule development

Threat detection engineering

Network protocols and traffic analysis

Windows and Linux security logging

Active TS clearance with the ability to obtain SCI accesses.

Bachelor’s degree in Information Technology, Computer Science, Information Systems or related field

Proficiency in scripting/automation (Python, PowerShell, Bash).