SIEM Engineering Manager at ECS Corporate Services in Fairfax, Virginia

Job Description:

ECS is seeking a SIEM Engineering Manager to work in our Fairfax, VA office or remote.

Are you passionate about the ever-evolving field of cybersecurity and ready to make a significant impact? Join our dynamic team at ECS, a leading provider of solutions in science, engineering, and advanced technologies, including cloud, cybersecurity, artificial intelligence (AI), data, and enterprise transformation solutions. We're searching for a SIEM Engineering Manager to join our dedicated cybersecurity team. This pivotal role places you at the heart of our mission to protect our customers from sophisticated cyber threats and vulnerabilities.


As a SIEM Engineering Manager, you will lead our SIEM operations, crafting and executing a comprehensive strategy to monitor, detect, and respond to cyber threats. Your expertise will guide the development and optimization of our SIEM technologies, enabling robust security monitoring and incident response capabilities. You'll collaborate with top-tier professionals, leveraging advanced technologies and methodologies to stay ahead of adversaries. This role is perfect for a visionary leader with a deep understanding of SIEM technologies, a passion for innovation, and a commitment to excellence in cybersecurity defense. If you're eager for a role that demands both strategic oversight and hands-on engineering, this position is tailor-made for you.


Responsibilities:

  • People Leadership: Lead, mentor, and manage a team of SIEM engineers, fostering a collaborative and high-performance work environment. Provide clear direction, set performance goals, and support professional development to ensure team members achieve their full potential. Promote a culture of continuous improvement and innovation within the team.
  • Lead Complex SIEM Deployments: Oversee the end-to-end process of SIEM installations, configurations, and deployments across diverse client environments. Ensure solutions are tailored to meet specific client needs and regulatory requirements. Serve as the senior expert for high-level deployment strategies.
  • Architect Deployment Frameworks: Collaborate with top-tier engineers to design and implement sophisticated deployment frameworks. Take a leadership role in executing complex configurations that meet unique security requirements.
  • Direct Maintenance Activities: Supervise and perform essential maintenance on SIEM systems, including applying patches, updates, and strategic overhauls. Utilize expert knowledge to optimize performance, ensuring maximum reliability and efficiency.
  • Integrate SIEM Platforms: Lead the integration of SIEM platforms with a wide range of tools and systems. Ensure seamless interoperability to enhance overall security infrastructure.
  • Automate and Streamline Operations: Develop and implement advanced scripts to automate tasks, enhancing SIEM interactions with various systems, thereby improving operational efficiency and reducing manual intervention.
  • Monitor SIEM Performance: Conduct comprehensive health checks and continuous monitoring of SIEM performance. Implement proactive strategies to maintain system integrity and anticipate potential issues.
  • Resolve Complex Issues: Oversee and document the resolution of intricate issues, applying advanced technical expertise and collaborative problem-solving techniques.
  • Manage Configuration: Direct SIEM configuration management, making strategic modifications to enhance performance, accuracy, and adaptability to evolving environments.
  • Maintain Detailed Records: Ensure meticulous documentation of SIEM configurations, operations, and procedures, maintaining clarity, currency, and compliance adherence.
  • Liaise with Vendors: Act as the primary liaison for high-level vendor interactions, addressing complex product-related challenges and driving resolution.
  • Conduct Training Sessions: Lead specialized training sessions on SIEM capabilities and conduct knowledge-sharing workshops to enhance the team's expertise and operational effectiveness.
  • Provide Expert Support: Offer top-level support and advice to security analysts, maximizing the SIEM system's potential to meet security operation requirements.
  • Enhance Processes: Drive initiatives aimed at improving SIEM-related processes, focusing on advancements in security capabilities and operational efficiencies.
  • Offer Strategic Insights: Provide strategic recommendations for automating routine tasks and refining system configurations, leveraging extensive experience and technical knowledge.


Salary: $180,000

General Description of Benefits



Required Skills:

  • At least five years of demonstrated proficiency in managing and leading SIEM operations, showcasing advanced skills in various SIEM platforms.
  • Demonstrated expertise in SIEM concepts and platforms such as Elastic, Splunk, IBM QRadar, or LogRhythm, with the ability to design, implement, and optimize complex SIEM solutions.
  • In-depth experience with system administration across various operating systems, particularly Windows, Linux, and macOS, with a focus on security configurations and optimizations.
  • Proficiency in scripting languages like Python, PowerShell, or Bash, with an emphasis on developing complex scripts for automating tasks and integrating disparate systems within the SIEM ecosystem.
  • Exceptional skills in diagnosing and resolving intricate issues, employing logical and advanced problem-solving techniques to address complex challenges within the SIEM environment.
  • Proven ability to lead and mentor a team of SIEM engineers, guiding junior engineers, collaborating with IT staff, and working closely with security analysts to enhance overall security strategies.
  • Outstanding verbal and written communication abilities for creating detailed documentation, conveying complex technical concepts clearly, and effectively reporting to both technical teams and upper management.
  • Capability to think strategically about the use of SIEM technology within the broader organizational context, including the development of innovative approaches to using SIEM for enhanced security postures.
  • Comprehensive knowledge of the cybersecurity field, including advanced threat landscapes, sophisticated security protocols, and a wide array of cyberattack methodologies.
  • Other requirements of the position include:
      • Able and willing to support domestic or international on-site travel with customers or at ECS offices. Any travel will be short in duration and well-planned.
      • Possess and maintain a U.S. Passport.
      • Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
      • Perform duties not explicitly listed in this position description, as assigned.
      • Able and willing to obtain a US Security Clearance.
      • Bachelor's degree, preferably in Computer Science, Information Security, or a related field. Will consider experience in lieu of a degree.



Desired Skills:

  • At least seven years of hands-on experience with specific SIEM platforms, indicating a deeper understanding of their features and capabilities. Experience with Elastic is highly valued.
  • At least three years of experience integrating SIEMs with SOAR and IRCM.
  • Experience deploying, configuring, maintaining, and troubleshooting Elasticsearch and Kibana on bare metal, Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), and/or Elasticsearch Service.
  • Configuration management experience through Ansible/Terraform/Chef/Puppet or like tools.
  • Security community contributions (blog posts, white papers, conference talks, tool development, etc.).
  • A stronger grasp of advanced network infrastructure, including cloud networks, virtual networks, and network segmentation, which can be crucial for more sophisticated SIEM deployments.
  • Skills in project management and familiarity with methodologies like Agile can be beneficial, particularly in managed service environments.
  • Familiarity with implementing machine learning pipelines and integrating AI-driven analytics into SIEM for improved incident detection and automated response.


ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.


ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

