SIEM Engineer (Remote Opportunity) (REMOTE)

actionet

Job Description

Description

ActioNet is looking for a SIEM Engineer with an Active Secret Clearance for DISA, located in Vienna, VA or Baltimore, MD. Generally remote but must be able to travel to a DISA facility monthly and one a week to a Baltimore location. Other meetings as required in the Baltimore Washington corridor.

ActioNet is looking for a motivated SIEM (Security Information and Event Management) engineer to design, build and maintain an SEIM implementation in an AWS environment. Candidate must be able to speak clearly and gather requirements for reports, dashboards and rules creation. Candidate must be able and willing to document the environment. Candidate must be able to take the initiative to stay on top of the tool's capabilities, learn more about AWS. Specifically, regarding Networking, EC2 and logging. Candidate will then need to implement those rules and requirements in the SIEM environment. Some design sense a plus for designing dashboards. Candidate must be willing to implement SIEM in an Infrastructure as Code fashion.

Why ActioNet?
It is simple. We are passionate about the inspirational missions of our customers and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health and well-being of our nation.

Basic Qualifications:

  • Minimum 3 years' active experience with SIEM Tools
  • Active Secret Clearance
  • 3+ years active hands on experience with SIEM tools
  • Familiarity with common logging configurations (OS, Network, etc.)
  • Familiar with common logging method and setup (syslog, windows event logs, log aggregation, shipping)
  • Ability to Manage indices and data structures
  • Ability to configure Logstash ingest rules
  • Ability to design and build useful Kibana dashboards
  • Advise on Elastic (ELK) Stack implementation design
  • Implement Elastic (ELK) Stack
  • Knowledge of AWS CloudTrail, CloudWatch, CloudWatch Logs.
  • Desire to learn more about AWS and Elastic rapidly
  • CloudFormation a plus
  • Elastic Stack (ELK) experience a major plus
  • Ability to implement SIEM tools in a multitenant environment
What's in It For You?
As an ActioNeter, you get to be part of exceptional team and a corporate culture that nurtures mutual success for our customers, employees and our communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy and a desire to develop your skills, experience and career.

Are you ready to make a difference?

ActioNet is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

FindTheBestJob is a free service and does not charge a fee at any stage of application or recruitment process. Don’t provide your bank account or credit card details to anyone during job application. FindTheBestJob does not guarantee the availability of a job since organizations may end applications earlier than due date.

Apply Now