SIEM & Data Pipeline Technical Lead/SME

MBL Technologies, Bethesda, MD
18d, Hybrid

About The Position

MBL Technologies is seeking an experienced SIEM & Data Pipeline Technical Lead / Subject-Matter Expert (SME) to provide advanced technical leadership and hands-on support for enterprise security monitoring and data integration in hybrid IT environments. The role focuses on SIEM platform administration, data pipeline development, log normalization, and integration of on-premises and cloud-based infrastructure. The successful candidate will collaborate with technical teams and federal stakeholders to ensure secure, efficient, and compliant data operations. This role is mostly remote; however, it will require occasional onsite meetings in the Bethesda, MD area, with no travel reimbursements allocated. This role is contingent on contract award.

Requirements

  • 10+ years of experience designing, installing, maintaining, and supporting enterprise IT systems.
  • 5+ years of experience at the Senior Engineer level or higher.
  • 3+ years of experience implementing and managing SIEM platforms and cybersecurity tools.
  • Hands-on experience with hybrid IT environments (on-premises and cloud).
  • Deep understanding of log formats (CEF, LEEF, JSON, XML), normalization, enrichment, and correlation.
  • Proficiency with scripting and automation using Python and JavaScript.
  • Experience developing CI/CD pipelines and DevOps workflows for data operations.
  • Ability to write complex queries in SPL, SQL, or equivalent languages.
  • Familiarity with cloud security concepts and operations for AWS, Azure, O365.
  • Hands-on experience with federal compliance frameworks: FISMA, NIST 800-53, NIST 800-92, OMB M-21-31, CDM.
  • Excellent problem-solving, analytical, verbal, and written communication skills.
  • Proven ability to collaborate with third-party vendors and cross-functional teams.

Nice To Haves

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Familiarity with MITRE ATT&CK framework and threat intelligence integration.
  • Prior experience developing dashboards, reporting, and executive briefings for SIEM data.
  • Experience in federal or large-scale enterprise environments with complex security monitoring requirements.

Responsibilities

  • Lead design, implementation, and administration of SIEM solutions and associated data pipelines.
  • Manage log ingestion, routing, filtering, transformation, normalization, and enrichment processes across diverse systems.
  • Ensure consistent event correlation and alerting based on normalized and enriched data.
  • Develop, maintain, and optimize data pipelines using CI/CD and DevOps practices for repeatable and reliable data integration.
  • Write complex queries and dashboards using SPL (Splunk), SQL, or equivalent query languages.
  • Ensure integration of cloud logging services and security tools into SIEM platforms for continuous monitoring.
  • Apply knowledge of AWS, Azure, O365, and hybrid IT environments to support secure logging, monitoring, and data collection.
  • Implement security hardening and compliance configurations for cloud-based services and infrastructure.
  • Integrate cloud and on-premises data pipelines with enterprise SIEM and monitoring systems.
  • Serve as the technical lead and SME, providing guidance on SIEM deployment, log normalization, and data pipeline development.
  • Collaborate with cross-functional teams, third-party vendors, and federal stakeholders to implement and maintain SIEM and data operations.
  • Mentor team members on best practices for data ingestion, transformation, and correlation.
  • Provide clear technical communication and reporting to technical teams, non-technical stakeholders, and executive leadership.
  • Ensure SIEM and data pipeline solutions meet federal compliance requirements, including FISMA, NIST 800-53, NIST 800-92, OMB M-21-31, and CDM.
  • Apply knowledge of data governance principles and frameworks such as MITRE ATT&CK for threat modeling and event correlation.
  • Perform root cause analysis of security issues and develop effective solutions to mitigate risks.

Benefits

  • MBL Technologies offers a competitive salary adjusted for candidate qualifications partnered with an industry-leading benefits package.
  • This package includes incentive plans with corporate and individual-based performance bonuses, 401K, PTO, remote work, health and wellness programs, employee discounts, and learning and development reimbursement.