SIEM / Elastic Specialist will:
Be responsible for designing & setting up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing
Collaborate with cross-functional teams and be responsible for designing and integrating Elastic with a wide variety of data sources, and for developing the associated knowledge objects (queries, dashboards, reports, alerts) used for monitoring and analytics
Perform data transformation using Elastic query language
Track the health of the Elastic environment and optimize its performance. Troubleshoot and resolve issues related to security, performance, data indexing, and searches
Perform watch-officer monitoring duties, including:
Monitoring, detecting, investigating, and responding to cybersecurity threats and events using the Elastic / SIEM platform
Reviewing correlated alerts and logs for compromise scenarios
Performing triage of security alerts to prioritize response
Identifying false positives
Investigating security incidents and determining root cause
Collecting and preserving logs for analysis
Escalating confirmed incidents to leadership or SOC teams
Coordinating with IT or DevOps for containment and remediation
Creating after-action reports (AAR) post-incident
In addition, the role may include assistance with monitoring Vulnerability Management tools, such as ACAS and ePO
Minimum Qualifications
Bachelor's Degree in Computer Science, Engineering, or another technical discipline, and at least 3 years of hands-on, relevant experience (or equivalent working knowledge).
Security+ certification required
Candidate must have an active Secret security clearance.
Position requires candidate to work on-site in Alexandria VA 2-3 days / week
Other Job Specific Skills
Working knowledge and hands-on experience with the following:
Elastic / Splunk query languages
Monitoring SIEM dashboards and real-time alerts
Fine-tuning SIEM rules to reduce noise
NIST SP 800-53 & DevSecOps frameworks
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties" or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
Compensation range: $86,200 - $140,000