SIEM/Tool Engineer

PeratonHerndon, VA
13h$104,000 - $166,000
Match Resume

About The Position

We are seeking a highly skilled and innovative SIEM/Tool Engineer to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities Architect, administer, and scale enterprise SIEM and security monitoring platforms; integrate telemetry from network, endpoint, cloud, identity, and OT sources. Develop and maintain parsing/normalization logic, data enrichment pipelines, dashboards, alerting, and automated workflows to support detection and analytic scalability. Implement performance optimization strategies, capacity planning, and tuning to ensure reliable, high‑volume ingestion and query performance. Lead platform upgrades, patching, health monitoring, configuration management, and high‑availability operations to sustain operational resilience. Build and maintain reusable correlation rules, detection content, and analytic libraries; collaborate with detection engineers to operationalize use cases. Design and oversee retention, storage, and evidence export processes to support investigations, RMF/evidence needs, and auditability. Troubleshoot platform issues, conduct root‑cause analysis of ingestion/parsing failures, and coordinate remediation with data engineering and security teams. Establish platform governance, hardening baselines, access controls, and operational runbooks; mentor platform operators and engineers. Produce architecture artifacts, capacity/health reports, and executive summaries to inform leadership and roadmap decisions. #ENOCS

Requirements

  • Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
  • Clearance: Active TS/SCI clearance.
  • Candidate must meet ONE of the following: Master’s degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR Relevant DoD/military training (documented advanced SIEM/forensics/analytics coursework); OR Relevant professional certification or equivalent experience (examples: GREM; CFR; CySA+; GCFA; GCFE; PenTest+).
  • Security engineering, SIEM/platform engineering, or analytics platform experience with at least 3 years architecting/operating enterprise SIEM solutions.
  • Deep expertise in log parsing/normalization, ingestion pipelines, detection rule design, dashboarding, and alert/workflow automation.
  • Hands‑on experience with major SIEM/analytics platforms (e.g., Splunk, Elastic, QRadar, Microsoft Sentinel) and related ecosystem tooling.
  • Proven ability to perform capacity planning, performance tuning, high‑availability design, and platform upgrade/migration activities.
  • Strong scripting/automation skills (Python, PowerShell, Bash), familiarity with data pipelines, and ability to produce audit‑quality export/evidence flows.

Nice To Haves

  • Prior DoD/ARNG SIEM engineering or SOC platform experience and familiarity with RMF/evidence workflows.
  • Training such as DC3 Cyber Forensics Course and advanced forensic/IR certifications (e.g., GREM, GCFA) preferred.

Responsibilities

  • Architect, administer, and scale enterprise SIEM and security monitoring platforms; integrate telemetry from network, endpoint, cloud, identity, and OT sources.
  • Develop and maintain parsing/normalization logic, data enrichment pipelines, dashboards, alerting, and automated workflows to support detection and analytic scalability.
  • Implement performance optimization strategies, capacity planning, and tuning to ensure reliable, high‑volume ingestion and query performance.
  • Lead platform upgrades, patching, health monitoring, configuration management, and high‑availability operations to sustain operational resilience.
  • Build and maintain reusable correlation rules, detection content, and analytic libraries; collaborate with detection engineers to operationalize use cases.
  • Design and oversee retention, storage, and evidence export processes to support investigations, RMF/evidence needs, and auditability.
  • Troubleshoot platform issues, conduct root‑cause analysis of ingestion/parsing failures, and coordinate remediation with data engineering and security teams.
  • Establish platform governance, hardening baselines, access controls, and operational runbooks; mentor platform operators and engineers.
  • Produce architecture artifacts, capacity/health reports, and executive summaries to inform leadership and roadmap decisions.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees

Job Search Resources

Similar SIEM/Tool Engineer job opportunities

🔥 New JobSIEM/Tool Engineer
Peraton
Peraton • Herndon, VA1d
Lead SIEM Engineer
M&T Bank
M&T Bank • Bridgeport, CT5d • Hybrid
Lead SIEM Engineer
M&T Bank
M&T Bank • Buffalo, NY5d • Hybrid
Lead SIEM Engineer
M&T Bank
M&T Bank • Buffalo, NY6d • Hybrid
Lead SIEM Engineer
M&T Bank
M&T Bank • Bridgeport, CT6d • Hybrid
Lead SIEM Engineer
M&T Bank
M&T Bank • Wilmington, DE6d • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service