ECS Limited
SIEM Infrastructure and Detection Engineer
ECS Limited, Portland, Oregon, United States, 97204
Overview
SIEM Infrastructure and Detection Engineer at ECS. ECS is seeking a
SIEM Infrastructure and Detection Engineer
to work in our
Portland, Oregon
office. The SIEM Infrastructure and Detection Engineer supports a federal energy sector cybersecurity program by engineering, maintaining, and optimizing the SIEM infrastructure and security monitoring platform, including detections, visualizations, dashboards, and reporting. This role ensures the reliability and effectiveness of SIEM and related monitoring tools to meet Information Security Continuous Monitoring (ISCM) and Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) requirements. The engineer works directly with security analysts, system owners, and DHS CDM teams to ensure continuous visibility, timely detection, and compliance with federal cybersecurity standards. Responsibilities
Lead the design, deployment, and monitoring of enterprise SIEM platforms (e.g., Splunk, Elastic Stack) Architect, implement, and maintain integrations with enterprise systems, cloud environments, and security tools (e.g., EDR, IDS/IPS, firewalls, TIP) Develop and optimize dashboards, alerts, and data pipelines Automate platform tasks and SIEM processes using scripting (e.g., Python, PowerShell, bash) Monitor and tune platform performance to ensure high availability and accuracy of security data Troubleshoot and resolve platform-related issues in coordination with analysts and engineers Collaborate with federal stakeholders to align SIEM capabilities with ISCM and CDM reporting requirements Maintain documentation of platform configurations, standard operating procedures, and system baselines
Required Skills
U.S. Citizenship with ability to obtain and maintain a DOE L clearance Hands-on experience with at least one enterprise SIEM platform (Splunk, Elastic, QRadar, or LogRhythm) Experience integrating SIEM with enterprise IT systems, cloud platforms, or endpoint detection tools Experience onboarding diverse log sources (network, endpoint, cloud, SaaS) and tuning correlation rules Proficiency in scripting (Python, PowerShell, or Bash) for automation and data integration A Bachelor's or equivalent and minimum 5 years of experience in cybersecurity engineering and security monitoring, including 3+ years dedicated to SIEM engineering
Desired Skills
Advanced Splunk engineering experience (indexer/search head clustering, CIM compliance, custom TAs) Experience with Elastic Stack (Elasticsearch, Logstash, Kibana) deployment and management Familiarity with SOAR integration and orchestration for automated response Experience with configuration management tools (e.g., Ansible, Terraform, Chef, Puppet) Familiarity with Zero Trust principles and cloud security architectures (AWS, Azure, GCP) Exposure to OT/ICS environments within critical infrastructure Strong understanding of federal cybersecurity frameworks (e.g., NIST SP 800-53, ISCM, CDM) Relevant certifications such as Splunk Certified Admin, Elastic Engineer, or CISSP ECS
is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People. Seniority level
Not Applicable Employment type
Full-time Job function
Information Technology Industries
IT System Data Services Referrals increase your chances of interviewing at ECS by 2x Locations
Beaverton, OR; Hillsboro, OR; Portland, OR Portland, OR $81,750.00-$109,000.00 2 days ago Portland, OR $77,000.00-$96,000.00 1 week ago Portland, OR $75,000.00-$160,000.00 5 hours ago Additional related roles and salary ranges may be listed on the job site. ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr
SIEM Infrastructure and Detection Engineer at ECS. ECS is seeking a
SIEM Infrastructure and Detection Engineer
to work in our
Portland, Oregon
office. The SIEM Infrastructure and Detection Engineer supports a federal energy sector cybersecurity program by engineering, maintaining, and optimizing the SIEM infrastructure and security monitoring platform, including detections, visualizations, dashboards, and reporting. This role ensures the reliability and effectiveness of SIEM and related monitoring tools to meet Information Security Continuous Monitoring (ISCM) and Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) requirements. The engineer works directly with security analysts, system owners, and DHS CDM teams to ensure continuous visibility, timely detection, and compliance with federal cybersecurity standards. Responsibilities
Lead the design, deployment, and monitoring of enterprise SIEM platforms (e.g., Splunk, Elastic Stack) Architect, implement, and maintain integrations with enterprise systems, cloud environments, and security tools (e.g., EDR, IDS/IPS, firewalls, TIP) Develop and optimize dashboards, alerts, and data pipelines Automate platform tasks and SIEM processes using scripting (e.g., Python, PowerShell, bash) Monitor and tune platform performance to ensure high availability and accuracy of security data Troubleshoot and resolve platform-related issues in coordination with analysts and engineers Collaborate with federal stakeholders to align SIEM capabilities with ISCM and CDM reporting requirements Maintain documentation of platform configurations, standard operating procedures, and system baselines
Required Skills
U.S. Citizenship with ability to obtain and maintain a DOE L clearance Hands-on experience with at least one enterprise SIEM platform (Splunk, Elastic, QRadar, or LogRhythm) Experience integrating SIEM with enterprise IT systems, cloud platforms, or endpoint detection tools Experience onboarding diverse log sources (network, endpoint, cloud, SaaS) and tuning correlation rules Proficiency in scripting (Python, PowerShell, or Bash) for automation and data integration A Bachelor's or equivalent and minimum 5 years of experience in cybersecurity engineering and security monitoring, including 3+ years dedicated to SIEM engineering
Desired Skills
Advanced Splunk engineering experience (indexer/search head clustering, CIM compliance, custom TAs) Experience with Elastic Stack (Elasticsearch, Logstash, Kibana) deployment and management Familiarity with SOAR integration and orchestration for automated response Experience with configuration management tools (e.g., Ansible, Terraform, Chef, Puppet) Familiarity with Zero Trust principles and cloud security architectures (AWS, Azure, GCP) Exposure to OT/ICS environments within critical infrastructure Strong understanding of federal cybersecurity frameworks (e.g., NIST SP 800-53, ISCM, CDM) Relevant certifications such as Splunk Certified Admin, Elastic Engineer, or CISSP ECS
is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People. Seniority level
Not Applicable Employment type
Full-time Job function
Information Technology Industries
IT System Data Services Referrals increase your chances of interviewing at ECS by 2x Locations
Beaverton, OR; Hillsboro, OR; Portland, OR Portland, OR $81,750.00-$109,000.00 2 days ago Portland, OR $77,000.00-$96,000.00 1 week ago Portland, OR $75,000.00-$160,000.00 5 hours ago Additional related roles and salary ranges may be listed on the job site. ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr