Senior SIEM Engineer jobs in United States

Peraton · 1 month ago

Senior SIEM Engineer

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. They are seeking a Senior SIEM Engineer to enhance the Agency's cybersecurity posture and ensure the protection of national security and diplomatic information assets by leading the design and implementation of SIEM solutions.

Information Technology · Robotics
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Design, implement, and maintain SIEM solutions (ArcSight or Splunk) to support enterprise-level monitoring and threat detection
Configure and deploy data collection mechanisms across diverse operating systems, applications, and network platforms
Integrate log sources and security data from multiple environments (on-premises and cloud) into the SIEM for centralized monitoring
Develop and maintain dashboards, correlation rules, alerts, and analytics to identify anomalous activity and potential security incidents
Troubleshoot and resolve dataflow, indexing, and ingestion issues between SIEM components
Support auditing, incident response, and system health monitoring processes
Collaborate with cybersecurity analysts, network engineers, and system administrators to enhance detection and response capabilities
Recommend improvements to logging, data normalization, and enrichment to improve detection fidelity
Assist in SIEM architecture upgrades, scalability improvements, and performance tuning
Provide technical documentation, standard operating procedures (SOPs), and guidance to ensure consistent SIEM operations and compliance

Qualification

SIEM solutions, ArcSight, Splunk, Cybersecurity experience, IAT Level III certification, Data ingestion configuration, Dashboard creation, Networking fundamentals, Scripting languages, Troubleshooting skills, Communication skills

Required

Bachelor's degree and a minimum of 8 years of related experience in cybersecurity or information technology or 12 years of experience and a HS Degree/Diploma
At least 8 years of professional cybersecurity experience
Minimum 4 years of hands-on experience with ArcSight or Splunk platforms
Expertise in the design, implementation, and support of SIEM core components such as ESM, Loggers, Smart Connectors (ArcSight) or Indexers, Forwarders, Search Heads, and Cluster Managers (Splunk)
Proven ability to configure and administer data ingestion, forwarding, and parsing for multiple log sources
Strong troubleshooting skills related to log feeds, field extractions, and search performance
Demonstrated experience creating dashboards, visualizations, and analytics to support security operations
Certification: Must hold at least one IAT Level III certification such as CASP+, CISA, CISSP, GCED, or GCIH
Must be a US Citizen
Must be able to obtain and maintain the required agency clearance

Preferred

CISSP certification (highly desirable)
Deep understanding of networking fundamentals (ports, protocols, routing, firewalls, and proxies)
Familiarity with cloud monitoring, hybrid log ingestion, and API integrations
Experience with automating SIEM tasks using scripting languages (Python, PowerShell, etc.)
Strong communication skills with the ability to work effectively in cross-functional technical teams
Prior experience supporting federal or DoD cybersecurity programs is preferred

Benefits

Medical
Dental
Vision
Life
Health savings account
Short/long term disability
EAP
Parental leave
401(k)
Paid time off (PTO) for vacation
Company paid holidays

Company

Peraton: Fearlessly solving the toughest national security challenges.

Funding

Current Stage
Late Stage

Leadership Team

Thomas Terjesen
Chief Information Officer
Company data provided by crunchbase