SIEM Engineer

Springfield, VA
  • Posted: over a month ago
  • Full-Time
  • Benefits: 401k, dental, life insurance, medical, vision
Job Description

We are seeking an Elastic SIEM Engineer for immediate hire. The successful candidate will be responsible for managing the Elastic Cloud Enterprise & Elasticsearch platforms for an agency in DHS within Swish Data’s Center of Excellence (COE). You will be focused on the day-to-day operations and improvement of the ECE cluster utilized as the SIEM function within this agency.

Successful candidates will need to be familiar with Elasticsearch, Kibana, and Logstash. Familiarity with Bash, REGEX, ELK, GROK, Ansible, and Linux is a plus.

This is an amazing opportunity for a cyber security engineer who thrives on protecting the US Government, and US citizens, from bad actors. This position is located in the Springfield, VA area, primarily at a government facility.

Tasks within technical deployment and services:

  • Elastic SIEM solution development, integration, platform architecture, and capacity planning in mission-critical environments
  • Deploy, configure, test, troubleshoot, maintain, and update/upgrade Elastic Stack environments
  • Provide expertise in securing Elastic with TLS, SSO and encryption technologies
  • Providing subject matter expertise to assist the rest of the team in their roles
  • Ability to integrate with other operation data platforms and tools to include Confluent, SOAR, EDR, etc.
  • Assist in the planning of resources to continuously optimize the infrastructure and configuration of Elasticsearch to ensure a healthy and high-performance production environment
  • Operate with a high level of independence with the ability to act as a mentor to junior Cybersecurity Engineers.
  • Strong communication skills are required as well as the ability to work both independently and with a team.


  • DOD 8570 Level II certifications
  • US Citizenship
  • Active DOD Secret clearance

Technical/Business Knowledge

  • 7+ years of experience with IT with a focus in Linux sysadmin or cyber operations
  • 3+ years of experience with hands-on operations of sizing, monitoring, and management, and open-source tools, including Logstash, Elasticsearch, and Kibana, or Splunk
  • Knowledge of planning and executing data retention and life cycle management plans
  • Hands-on experience administrating Elasticsearch clusters (10+ Data nodes)
  • Experience with Java, databases and Linux

Bonus points

  • Experience in building and managing Ansible playbooks
  • Experience in building GROK for Logstash pipelines
  • Elastic Certified Analyst (ECA) and/or Elastic Certified Engineer (ECE) certifications
  • Knowledge of NIST 800-53 and DISA Security Technical Implementation Guides (STIGs), and risk management processes
  • Experience integrating Elasticsearch enterprise-wide deployments (10+ Data nodes)
  • Experience deploying and managing a MinIO cluster
Company Description
Swish is a customer-centric, specialized integrator with an engineering-first culture. Our core solutions are focused on IT modernization, performance engineering, and cybersecurity. Swish believes good people empowered to innovate, coupled with a continuous improvement culture and supportive leadership, equals superior outcomes. To this end, Swish believes in hiring, rewarding, and retaining the most talented engineers and technologies in the industry.

Our people make Swish great. We work together on interesting projects and achieve exceptional results. We act as trusted advisors to our customers and are committed to client and industry innovation. We offer our people the chance to grow professionally with teammates they like and respect while tackling challenges that stretch their minds and expand their skill sets. We’re connected by our desire to innovate and continuously improve.

Swish’s high energy, challenging, and fast-paced work environment will keep you engaged and motivated. Work-life balance is a core priority at Swish.

SwishData is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
