(Junior/Entry) SIEM Engineer
ECS is seeking a SIEM Engineer I to work in our Fairfax, VA office.
Are you passionate about the ever-evolving field of cybersecurity and ready to embark on a career with a positive and lasting impact? Join our dynamic team at ECS, a leading provider of solutions in science, engineering, and advanced technologies, including cloud, cybersecurity, artificial intelligence (AI), data, and enterprise transformation solutions. As a SIEM Engineer I, you'll play a crucial role in our mission to safeguard organizations against cyber threats. If you're seeking a challenging yet rewarding position where you can enhance your skills, collaborate with experts in the field, and contribute significantly to the protection of digital assets, this opportunity is perfect for you.
Our SIEM Engineer I positions are at the forefront of our Managed Security Services Provider (MSSP) team, responsible for strengthening the digital defenses of our clients. Your primary focus will be on ensuring the reliability and security of our Security Information and Event Management (SIEM) systems, which are often the first line of defense against cyber adversaries. You'll delve deep into the intricacies of SIEM technology, assist in implementing cutting-edge solutions, and work closely with our experienced team to detect and mitigate emerging threats. If you're a tech-savvy individual with a strong desire to protect organizations from the evolving cyber threat landscape, this role offers a unique opportunity to hone your skills and make a significant impact in the world of cybersecurity.
- Assist with the installation, configuration, and deployment of SIEM solutions for clients, ensuring they are tailored to their specific needs and compliance requirements.
- Work closely with senior engineers to understand the deployment architecture and necessary configurations.
- Perform routine maintenance on SIEM systems, including patches, updates, and upgrades.
- Ensure the SIEM system is running with optimal performance and reliability.
- Assist with integrating the SIEM platform with other tools and systems, such as log aggregators, endpoint protection, and network monitoring solutions.
- Help with scripting to integrate or automate tasks between the SIEM and other systems.
- Regularly conduct system health checks and monitor the performance of the SIEM.
- Document issues and work collaboratively to troubleshoot and resolve them promptly.
- Work under supervision to adjust the SIEM configuration for better performance, more accurate data collection, or to reflect changes in the monitored environment.
- Maintain accurate documentation on SIEM system configuration, operations, and procedures.
- Ensure that any system changes, updates, or processes are documented in a timely manner for reference and compliance purposes.
- Liaise with vendors for support and troubleshooting of product-related issues.
- Engage in training to familiarize yourself with the features and capabilities of the SIEM platform.
- Take part in knowledge transfer sessions with peers and document learnings for internal use.
- Support the security analysts to ensure that the needs of the security operations team are met by the SIEM system's capabilities.
- Participate in continuous improvement initiatives to streamline SIEM-related processes.
- Provide feedback on how to automate repetitive tasks or improve system configurations.
- Up to three years of experience demonstrating proficiency in the following skills:
  - Familiarity with SIEM technology, concepts, and common platforms such as Elastic, Splunk, IBM QRadar, or LogRhythm.
  - Familiarity with system administration for various operating systems, particularly those commonly used in corporate environments like Windows, Linux, and macOS.
  - A grasp of fundamental cybersecurity principles, including threat landscapes, security protocols, and various types of cyberattacks.
  - Knowledge of scripting languages such as Python, PowerShell, or Bash for automation of tasks and integration of different systems with the SIEM.
  - Aptitude for troubleshooting and problem-solving, including being able to logically deduce where issues may lie and how to correct them.
  - The ability to work effectively in a team environment, often collaborating with other engineers, IT staff, and security analysts.
  - Good verbal and written communication skills for documenting processes, explaining technical concepts, and reporting to higher management or technical teams.
- Other requirements of the position include:
  - Able and willing to support domestic or international on-site travel with customers or at ECS offices.
  - Possess and maintain a U.S. Passport.
  - Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
  - Perform duties not explicitly listed in this position description, as assigned.
  - Able and willing to obtain a US Security Clearance.
- Bachelor's degree; preferably in Computer Science, Information Security, or a related field. Will consider experience in lieu of a degree.
- Hands-on experience with specific SIEM platforms, indicating a deeper understanding of their features and capabilities beyond basic theory. Experience with Elastic is highly preferred.
- Experience integrating SIEMs with SOAR and IRCM.
- Experience deploying, configuring, maintaining, and troubleshooting Elasticsearch and Kibana on bare metal, Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), and/or Elasticsearch Service.
- Configuration management experience through Ansible/Terraform/Chef/Puppet or like tools.
- Security community contributions (blog posts, white papers, conference talks, tool development, etc.).
- A stronger grasp of advanced network infrastructure, including cloud networks, virtual networks, and network segmentation, which can be crucial for more sophisticated SIEM deployments.
- Skills in project management and familiarity with methodologies like Agile can be beneficial, particularly in managed service environments.
- Familiarity with implementing machine learning pipelines and integrating AI-driven analytics into SIEM for improved incident detection and automated response.
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.