SIEM Infrastructure and Detection Engineer

About The Position

Requirements

• U.S. Citizenship with ability to obtain and maintain a DOE 'L' clearance
• Hands-on experience with at least one enterprise SIEM platform (Splunk, Elastic, QRadar, or LogRhythm)
• Experience integrating SIEM with enterprise IT systems, cloud platforms, or endpoint detection tools
• Experience onboarding diverse log sources (network, endpoint, cloud, SaaS) and tuning correlation rules
• Proficiency in scripting (Python, PowerShell, or Bash) for automation and data integration
• A Bachelor's or equivalent and minimum 5 years of experience in cybersecurity engineering and security monitoring, including 3+ years dedicated to SIEM engineering

Responsibilities

• Lead the design, deployment, and monitoring of enterprise SIEM platforms (e.g., Splunk, Elastic Stack)
• Architect, implement, and maintain integrations with enterprise systems, cloud environments, and security tools (e.g., EDR, IDS/IPS, firewalls, TIP)
• Develop and optimize dashboards, alerts, and data pipelines
• Automate platform tasks and SIEM processes using scripting (e.g., Python, PowerShell, bash)
• Monitor and tune platform performance to ensure high availability and accuracy of security data
• Troubleshoot and resolve platform-related issues in coordination with analysts and engineers
• Collaborate with federal stakeholders to align SIEM capabilities with ISCM and CDM reporting requirements
• Maintain documentation of platform configurations, standard operating procedures, and system baselines