SIEM Engineer III

Job#: 2026462

Job Description:


  • SIEM Engineer III Req# 14100
  • 3/4
  • 1 opening

Managed Security Services Provider (MSSP)
  • Mission Systems

  • Hampton, VA or Boston, MA

  • $ 150,000– 191,000

  • Secret
  • US citizen’s or Green Card holders

  • Interview within 2 weeks
  • Teams video interview

Job Description:
As a SIEM Engineer III on our Managed Security Services Provider (MSSP) team, youll be a pivotal player in enhancing our clients digital defenses. This advanced role focuses on maximizing the reliability and security of our SIEM systems, crucial in combating cyber threats. Youll not only delve into sophisticated SIEM technologies and lead cutting-edge solution implementations but also mentor our team in detecting and mitigating emerging cybersecurity threats. Ideal for a tech-savvy individual passionate about evolving security landscapes, this role offers a significant opportunity to refine your skills and impact the cybersecurity sphere meaningfully.
  • Independently spearhead complex SIEM installations, configurations, and deployments across diverse client environments. Ensure tailored solutions that align with specific client needs and regulatory compliance. Serve as the expert point of contact for high-level deployment strategies.
  • Collaborate with top-tier engineers to architect sophisticated deployment frameworks. Take a leadership role in executing intricate configurations that cater to unique security requirements.
  • Direct and perform crucial maintenance activities on SIEM systems, encompassing vital patches, updates, and strategic overhauls. Utilize expert knowledge to fine-tune performance, ensuring maximum reliability and efficiency.
  • Lead and refine the integration of SIEM platforms with a broad spectrum of tools and systems. Guarantee optimal interoperability to strengthen overall security infrastructure.
  • Craft and implement complex scripts to automate tasks, enhancing SIEM interactions with various systems, thereby streamlining operations and minimizing manual intervention.
  • Conduct in-depth health checks and continuous monitoring of SIEM performance. Implement proactive strategies to uphold system integrity and anticipate potential issues.
  • Independently handle and document intricate issues, applying advanced technical acumen and collaborative problem-solving techniques.
  • Oversee SIEM configuration management, making strategic modifications to enhance performance, accuracy, and adaptability to evolving environments.
  • Maintain meticulous records of SIEM configurations, operations, and procedures, ensuring clarity, currency, and compliance adherence.
  • Act as the primary liaison for high-level vendor interactions, tackling complex product-related challenges and driving resolution.
  • Engage in and lead specialized training sessions on SIEM capabilities. Conduct knowledge-sharing workshops to boost the teams expertise and operational effectiveness.
  • Provide top-level support and advice to security analysts, maximizing the SIEM systems potential to fulfill security operation requirements.
  • Drive initiatives aimed at enhancing SIEM-related processes, focusing on advancements in security capabilities and operational efficiencies.
  • Offer strategic insights for automating routine tasks and refining system configurations, leveraging extensive experience and technical knowledge.
Required Skills:
At least five years of experience demonstrating proficiency in the following skills:
  • Demonstrated mastery in SIEM concepts and platforms such as Elastic, Splunk, IBM QRadar, or LogRhythm, including the ability to design, implement, and optimize complex SIEM solutions.
  • In-depth experience with system administration across various operating systems, especially those prevalent in corporate environments (Windows, Linux, MacOS), with a focus on security configurations and optimizations.
  • Comprehensive knowledge of the cybersecurity field, including advanced threat landscapes, sophisticated security protocols, and a wide array of cyberattack methodologies.
  • Proficiency in scripting languages like Python, PowerShell, or Bash is required, with an emphasis on developing complex scripts for automating tasks and integrating disparate systems within the SIEM ecosystem.
  • Exceptional skills in diagnosing and resolving intricate issues, employing logical and advanced problem-solving techniques to address complex challenges within the SIEM environment.
  • Proven ability to lead and collaborate effectively within a team, including guiding and mentoring junior engineers, interfacing with IT staff, and working closely with security analysts to enhance overall security strategies.
  • Outstanding verbal and written communication abilities for creating detailed documentation, conveying complex technical concepts in an understandable manner, and effectively reporting to both technical teams and upper management.
  • The capability to think strategically about the use of SIEM technology within the broader organizational context, including the development of innovative approaches to using SIEM for enhanced security postures.
Other Requirements of the position include:
  • Able and willing to support domestic or international on-site travel with customers or at ECS offices. Any travel will be short in duration and well-planned.
  • Possess and maintain a U.S. Passport.
  • Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
  • Perform duties not explicitly listed in this position description, as assigned.
  • Possess a US Security Clearance.
  • Bachelor’s degree; preferably in Computer Science, Information Security, or a related field. Will consider experience in lieu of a degree.
Desired Skills:
  • At least five years of hands-on experience with specific SIEM platforms, indicating a deeper understanding of their features and capabilities. Experience with Elastic is highly valued.
  • At least three years of experience integrating SIEMs with SOAR and IRCM.
  • Experience deploying, configuring, maintaining, and troubleshooting Elasticsearch and Kibana on bare metal, Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), and/or Elasticsearch Service.
  • Configuration management experience through Ansible/Terraform/Chef/Puppet or like tools.
  • Security community contributions (blog posts, white papers, conference talks, tool development, etc.)
  • A stronger grasp of advanced network infrastructure, including cloud networks, virtual networks, and network segmentation, which can be crucial for more sophisticated SIEM deployments.
  • Skills in project management and familiarity with methodologies like Agile can be beneficial, particularly in managed service environments.
  • Familiarity with implementing machine learning pipelines and integrating AI-driven analytics into SIEM for improved incident detection and automated response.

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Employee Type:

Hampton, VA, US

Job Type:
Infrastructure and Security

Date Posted:
April 24, 2024