Peraton
Peraton is seeking a Senior SIEM Engineer. This position plays a critical role in strengthening the Agency's cybersecurity posture, enhancing system resilience, and ensuring the protection of national security and diplomatic information assets. As part of a high-impact program, you will lead the design, implementation, and optimization of SIEM solutions to deliver real-time visibility, actionable intelligence, and advanced threat detection capabilities across complex cloud and on-prem environments.

Key Responsibilities:
- Design, implement, and maintain SIEM solutions (ArcSight or Splunk) to support enterprise-level monitoring and threat detection.
- Configure and deploy data collection mechanisms across diverse operating systems, applications, and network platforms.
- Integrate log sources and security data from multiple environments (on-premises and cloud) into the SIEM for centralized monitoring.
- Develop and maintain dashboards, correlation rules, alerts, and analytics to identify anomalous activity and potential security incidents.
- Troubleshoot and resolve dataflow, indexing, and ingestion issues between SIEM components.
- Support auditing, incident response, and system health monitoring processes.
- Collaborate with cybersecurity analysts, network engineers, and system administrators to enhance detection and response capabilities.
- Recommend improvements to logging, data normalization, and enrichment to improve detection fidelity.
- Assist in SIEM architecture upgrades, scalability improvements, and performance tuning.
- Provide technical documentation, standard operating procedures (SOPs), and guidance to ensure consistent SIEM operations and compliance.

Required Qualifications:
- Bachelor's degree and a minimum of 8 years of related experience in cybersecurity or information technology, or 12 years of experience and an HS Degree/Diploma.
- At least 8 years of professional cybersecurity experience.
- Minimum 4 years of hands-on experience with ArcSight or Splunk platforms.
- Expertise in the design, implementation, and support of SIEM core components such as ESM, Loggers, and Smart Connectors (ArcSight) or Indexers, Forwarders, Search Heads, and Cluster Managers (Splunk).
- Proven ability to configure and administer data ingestion, forwarding, and parsing for multiple log sources.
- Strong troubleshooting skills related to log feeds, field extractions, and search performance.
- Demonstrated experience creating dashboards, visualizations, and analytics to support security operations.
- Certification: Must hold at least one IAT Level III certification such as CASP+, CISA, CISSP, GCED, or GCIH.
- Must be a US Citizen.
- Must be able to obtain and maintain the required agency clearance.

Desired Qualifications:
- CISSP certification (highly desirable).
- Deep understanding of networking fundamentals (ports, protocols, routing, firewalls, and proxies).
- Familiarity with cloud monitoring, hybrid log ingestion, and API integrations.
- Experience with automating SIEM tasks using scripting languages (Python, PowerShell, etc.).
- Strong communication skills with the ability to work effectively in cross-functional technical teams.
- Prior experience supporting federal or DoD cybersecurity programs is preferred.