Principal ITSM Incident Analyst
About The Position
At BAE Systems, we're passionate about delivering innovative IT solutions that enable our customers to achieve their missions. As a Principal Security Systems Engineer, you'll play a critical role in providing exceptional IT support to the customer. You'll be part of a dynamic team that values innovation, teamwork, and customer satisfaction. As a Principal Security Systems Engineer, you'll configure, operate, maintain, and enhance government SIEM (Security Information and Event Management) tools to enable proactive monitoring, threat detection, and response across all supported networks and enclaves. Your day-to-day responsibilities will include configuring and tuning SIEM tools, operating SIEM environments, maintaining SIEM systems, and supporting enhancements. By joining our team, you'll have the opportunity to work on exciting projects, collaborate with a talented team, and make a significant impact on the customer's operations. You'll be expected to collaborate with cross-functional teams to investigate alerts, conduct root cause analysis, and document findings for post-incident reviews. If you're a motivated and skilled IT professional looking for a new challenge, we encourage you to apply.
Requirements
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent experience)
- 6+ years of experience in SIEM configuration, operations, and maintenance, with hands-on expertise supporting threat monitoring and response in government or large enterprise networks
- Proven track record enhancing SIEM tools for multi-enclave environments, including log analysis and rule development
- Active DoD Secret Clearance (must be current and transferable)
- Strong knowledge of federal cybersecurity frameworks (e.g., NIST 800-53, RMF) and ITIL practices for service security management
- Proficiency in SIEM platforms (e.g., Splunk SPL, Kibana queries) and related tools (e.g., Wireshark for traffic analysis)
- Excellent analytical and problem-solving skills for high-pressure threat response scenarios
- Applies extensive expertise, and has full knowledge of other related disciplines, with the ability to exercise considerable latitude in determining objectives and approaches to assignment
Nice To Haves
- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Intrusion Analyst (GCIA)
- Splunk Certified Power User or Admin
- Experience supporting DoD or large federal SIEM deployments, including integration with EDR tools and multi-cloud enclaves
- ITIL 4 Foundation or higher certification, with focus on incident and problem management
- Background in scripting (e.g., Python, Bash) for SIEM automation and threat hunting
- Master's degree in a relevant field or additional certifications (e.g., CompTIA Security+)
Responsibilities
- configuring and tuning SIEM tools
- operating SIEM environments
- maintaining SIEM systems
- supporting enhancements
- collaborate with cross-functional teams to investigate alerts
- conduct root cause analysis
- document findings for post-incident reviews
Benefits
- health, dental, and vision insurance
- health savings accounts
- a 401(k) savings plan
- disability coverage
- life and accident insurance
- employee assistance program
- a legal plan
- discounts on things like home, auto, and pet insurance
- paid time off
- paid holidays
- paid parental, military, bereavement, and any applicable federal and state sick leave
- Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Industry
Transportation Equipment Manufacturing
Number of Employees
5,001-10,000 employees
