Security Information and Event Management (SIEM) Engineer – Senior Consultant
About The Position
As a Senior Consultant in Guidehouse’s cyber practice, you will lead the design, implementation, and continuous improvement of SIEM capabilities for a federal law enforcement agency’s classified environment. You’ll combine hands on SIEM engineering with client facing consulting: translating mission risk into actionable detections, mentoring junior engineers/analysts, and advising stakeholders on monitoring strategy, metrics, and governance. This blend reflects Guidehouse’s model where senior consultants drive client outcomes, contribute to business development, and support people development across the engagement. What You Will Do : You will design, implement, and support security information and event management (SIEM) capabilities for a federal law enforcement agency’s classified data processing systems directorate. You will monitor, analyze, and correlate security events across classified environments to identify potential threats, vulnerabilities, and anomalous activity. Working closely with cybersecurity, network, and systems teams, you will configure log ingestion, develop detection use cases, tune alerts, and support incident response and forensic investigations. You will also support system authorization and continuous monitoring activities, maintain SIEM documentation, and ensure security monitoring solutions align with federal standards and mission requirements.
Requirements
- Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field
- Active Top Secret clearance with SCI eligibility
- Minimum of SEVEN (7) years in security engineering with FOUR (4) in SIEM; expertise in Splunk/Elastic/Sentinel
- One or more of the following certifications: Security+ (or equivalent DoD 8570 IAT Level II) AWS Certified Security - Specialty Certified Cloud Security Professional (CCSP) Certified Information Systems Security Professional (CISSP)
Nice To Haves
- Master's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)
- Experience in federal government or diplomatic environment at the department level or experience supporting classified environments within federal law enforcement or Intelligence Community organizations
- Experience integrating SIEM with IDS, firewalls, and endpoint security tools
- Experience with SIEM in hybrid/zero-trust architectures
- Knowledge of NIST cybersecurity frameworks (800-53, 800-171, 800-190)
- Additional cloud security certifications (AWS, Azure, GCP)
Responsibilities
- Lead SIEM strategy workshops, roadmap development, and stakeholder presentations.
- Architect log ingestion pipelines, develop correlation rules, dashboards, and KPIs.
- Align monitoring to NIST SP 800-53 and ISCM requirements.
- Extend SIEM coverage to AWS/Azure/GCP.
- Integrate SIEM with SOAR and automate enrichment.
- Establish content lifecycle governance and mentor junior staff.
Benefits
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
