Business Group Highlights
The Defense group supports the Department of Defense (DoD) mission to keep our homeland and its citizens safe. We improve the Nation's defense by providing software, systems engineering, IT, training, logistics and fleet management solutions.
The SIEM Engineer will be responsible for creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments. Experience and knowledge of SIEM or Situational Awareness are essential. The SIEM Engineer will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, other Security Engineers and clients to complete high-profile, critical services for existing Managed Security Service clients.
- Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking them through resolution.
- Act as a point of escalation for other Engineers and provide guidance and mentoring.
- Report generation and notification to senior leadership about potential client Service Level Agreement (SLA) issues.
- Provide consulting services to assist with the implementation of multiple product vendors and technologies.
- Implement and configure SIEM software and appliance-based products in large enterprise environments.
- Develop and deploy Splunk SIEM content and reporting.
- Provide escalation support to Tier 1 and 2 for Authorized Support
- Perform knowledge transfers and train clients regarding security and system configuration
- 5+ years professional experience supporting and maintaining SIEM systems.
- 2-3 years professional experience working with networks and network architecture.
- Splunk Enterprise Security experience, including administration, and integration with backend systems.
- Experience with creation of Splunk data models.
- Ability to verbally communicate intent and logic of SPL queries.
- Experience with mapping security use cases to SPL.
- Experience with advanced tuning of SIEM content.
- College degree or equivalent training with experience working in a Security Operations Center.
- Information security knowledge in one or more areas such as enterprise endpoint security products (e.g., McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption), Security Information and Event Manager (SIEM), firewall, web proxy, e-mail and web gateway, to include Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva, etc.
- Understanding of network operations a must; ideal candidate will have worked with network engineering or network security analysis.
- Experience with SIEM content creation and reporting.
- Excellent time management, reporting, and communication skills.
- Superior IT problem-solving skills.
- Experience with Linux OS.
- Strong technical writing skills and the ability to explain complex problems to nontechnical teams
What matters to our nation is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sector—from investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nation’s most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.
As a government contractor, Perspecta abides by the following provision:
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)