SIEM/SOAR Support Specialist

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Engineering, or related discipline.
• Minimum 4 years of experience in cybersecurity operations, security monitoring, SIEM/SOAR engineering, or a closely related support function.
• At least two (2) years federal or DoW experience.
• Hands-on familiarity with SIEM platforms (e.g., Splunk, Elastic, Azure Sentinel, IBM QRadar) and SOAR technologies.
• Working understanding of logging/monitoring, audit controls, correlation rules, and compliance frameworks (NIST, FISCAM, SOC, RMF).
• Strong communication and documentation skills; ability to support cross-functional teams and coordinate tasks under senior guidance.
• Active U.S. Secret clearance.
• Ability to travel up to 25%

Nice To Haves

• Experience with cloud-native SIEM/SOAR solutions (AWS, Azure, GCP) and basic automation/orchestration tooling.
• Experience contributing to audit support activities or IT control testing
• Familiarity with DoW or federal cybersecurity governance processes and audit methodologies (GAO FISCAM).
• Exposure to creating architecture diagrams, technical documentation, and operational playbooks.
• Certifications relevant to SIEM/SOAR or cybersecurity operations (e.g., Splunk Certified, GIAC Detection Analyst, Security+, CISSP, CISA, CISM)

Responsibilities

• Support SIEM/SOAR onboarding of enterprise system logs and track integration progress, dependencies, and issues under direction from the Program Lead.
• Assist in validating logging, monitoring, and audit requirements; document design constraints and gaps and help with remediation recommendations.
• Contribute to day-to-day SIEM/SOAR operations, including log ingestion, detection tuning, analytics, automation playbooks, and performance checks
• Help develop and maintain documentation (SDDs, playbooks, CONOPS, architectures) and dashboards/evidence repositories for audits.
• Support audit compliance activities by preparing evidence, addressing findings, and aligning monitoring capabilities to FISCAM/NIST control requirements.
• Assist with incident monitoring, alert triage, escalation documentation, and response coordination across stakeholders.
• Help integrate cloud-native logging and visualization tools and support AI/ML enhancements to improve alert fidelity and automated response.

Benefits

• Medical, Dental, Vision, Life, AD&D, and Disability Insurance
• 401(k) Retirement Plan and 529 Education Savings Plan
• Flexible Spending & Health Savings Account
• Accident, Critical Illness, Hospital Indemnity Insurances
• Legal Insurance and Pet Insurance
• Employee Assistance Program, fitness and wellness benefits, and other firm benefits
• Paid holidays, vacation, and sick time