Unclassified - Springfield, VA

posted 3 months ago

Full-time - Mid Level
Remote - Springfield, VA
10,001+ employees

About the position

As a Cyber Security Operations Specialist focusing on SIEM Services, you will play a critical role in ensuring the security and reliability of our systems. Your primary responsibility will be to provide all preventative and corrective maintenance necessary to maintain consistent, reliable, and secure service availability. This includes executing actions required to restore services to full operational capability, such as managing vendor RMA processes, removing and properly disposing of broken equipment or software, and installing and testing new equipment and software. You will be expected to maintain system availability and reliability with a target threshold of 99.99%. In this role, you will be responsible for detecting and ticketing any degradations in SIEM data flows within 60 minutes of their occurrence.

You will perform day-to-day maintenance and specific scheduled maintenance activities based on manufacturer recommendations, alerts, bulletins, and available patches. This will involve maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the Cyber Security Operations Center (CSOC) knowledge management platform. You will also execute emergency maintenance actions with urgency to prevent unacceptable outage durations, coordinating with government management for approval.

Your duties will extend to performing all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions. Continuous engineering assessments will be part of your responsibilities to improve the performance, effectiveness, coverage, and maturity of the service. You will configure all assets assigned to this service in accordance with federal and DoD regulations, ensuring that all data flows are properly parsed for ingestion and transmission to internal and external automated reporting systems.
Additionally, you will utilize agency-approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions. Your role will also involve using various monitoring, analysis, and visualization tools to track effectiveness, status, and performance metrics as required by government staff and contractors.

Responsibilities

  • Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability.
  • Maintain system availability and reliability with a threshold of 99.99%.
  • Detect and ticket degradations of all SIEM data flows within 60 minutes of the start of the degradation.
  • Perform day-to-day maintenance and specific scheduled maintenance activities according to agency approved change management processes.
  • Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution.
  • Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions.
  • Conduct continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of the service.
  • Configure all assets assigned to this service in accordance with federal, DoD, IC, and NGA laws and directives.
  • Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions.
  • Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed.
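
The 60-minute detect-and-ticket target for SIEM data flows is the one requirement in this posting that a candidate could be asked to engineer, so here is an added example of how that check is typically built. This is not code from the posting or the employer: a minimal per-source feed monitor in Python that baselines event volume over the last six healthy 5-minute buckets, flags a feed whose volume falls below half of its baseline for two consecutive buckets, tickets a feed that never appears at all, and reports detection latency against the 60-minute target. The feed names, bucket size, thresholds and sample telemetry are all assumptions chosen for illustration.

```python
# Added example (not from the job posting): detect degraded SIEM data flows
# against a per-source volume baseline so the 60-minute detect-and-ticket
# target can be measured. All feed names, thresholds and sample data are assumed.
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

BUCKET = timedelta(minutes=5)   # evaluation granularity (assumed)
BASELINE_BUCKETS = 6            # last 6 healthy buckets (30 min) form the baseline
DROP_RATIO = 0.5                # volume under 50% of baseline counts as degraded
CONFIRM_BUCKETS = 2             # two consecutive degraded buckets before ticketing
SLA = timedelta(minutes=60)     # the posting's detect-and-ticket window


def floor_to_bucket(ts):
    """Floor a timestamp to the start of its 5-minute bucket."""
    secs = (ts.minute % 5) * 60 + ts.second
    return ts.replace(microsecond=0) - timedelta(seconds=secs)


def bucketize(events):
    """events: iterable of (datetime, source). Returns {source: {bucket_start: count}}."""
    counts = defaultdict(lambda: defaultdict(int))
    for ts, src in events:
        counts[src][floor_to_bucket(ts)] += 1
    return counts


def detect_degradations(events, sources, start, end):
    """Walk 5-minute buckets for every inventoried source (not only sources that
    happened to send events, so a feed that was already dead is not invisible)
    and return one finding per degradation run."""
    counts = bucketize(events)
    findings = []
    for src in sources:
        per_bucket = counts.get(src, {})
        if not per_bucket:  # inventoried feed never seen in the window: ticket it
            detected = start + CONFIRM_BUCKETS * BUCKET
            findings.append({"source": src, "kind": "silent", "degraded_since": start,
                             "detected_at": detected, "latency": detected - start})
            continue
        history, run, run_start, ticketed = [], 0, None, False
        t = start
        while t < end:
            n = per_bucket.get(t, 0)
            if len(history) >= BASELINE_BUCKETS:
                baseline = median(history[-BASELINE_BUCKETS:])
                degraded = baseline > 0 and n < DROP_RATIO * baseline
            else:
                degraded = False  # not enough history yet to judge this feed
            if degraded:
                run += 1
                if run_start is None:
                    run_start = t
                if run >= CONFIRM_BUCKETS and not ticketed:
                    detected = t + BUCKET  # a bucket can only be judged once it has closed
                    findings.append({"source": src,
                                     "kind": "stopped" if n == 0 else "volume_drop",
                                     "degraded_since": run_start,
                                     "detected_at": detected,
                                     "latency": detected - run_start})
                    ticketed = True
            else:
                history.append(n)  # only healthy buckets feed the baseline, so a
                                   # long outage cannot drag the baseline down to zero
                run, run_start, ticketed = 0, None, False
            t += BUCKET
    return findings


def within_sla(finding):
    """True when the feed was ticketed inside the 60-minute window."""
    return finding["latency"] <= SLA


def make_sample_events(start):
    """Constructed sample telemetry (not real data): three feeds over two hours."""
    events = []
    for i in range(24):  # 24 five-minute buckets
        t = start + i * BUCKET
        if i < 12:  # firewall feed: 100 per bucket, then stops completely at +60 min
            events += [(t + timedelta(seconds=3 * k), "fw-edge") for k in range(100)]
        # auditd feed: 20 per bucket, drops to 5 per bucket from +90 min (partial loss)
        events += [(t + timedelta(seconds=10 * k), "rhel-auditd") for k in range(20 if i < 18 else 5)]
        # vpn feed: steady 40 per bucket throughout
        events += [(t + timedelta(seconds=7 * k), "vpn-gw") for k in range(40)]
    return events


def run_demo():
    start = datetime(2024, 1, 1, 0, 0)
    inventory = ["fw-edge", "rhel-auditd", "vpn-gw", "netflow-core"]  # assumed feed inventory
    return detect_degradations(make_sample_events(start), inventory, start, start + timedelta(hours=2))


if __name__ == "__main__":
    for f in run_demo():
        print(f"TICKET {f['source']}: {f['kind']} since {f['degraded_since']:%H:%M}, "
              f"detected {f['detected_at']:%H:%M}, latency {f['latency']}, "
              f"{'within' if within_sla(f) else 'BREACHES'} 60-min target")
```

Two design choices matter here. The baseline is built only from buckets judged healthy, because a rolling median over all buckets would sink to zero during a long outage and silently clear the alarm. Sources come from an inventory list rather than from the events observed, because a feed that died before monitoring started would otherwise never be evaluated. The two-bucket confirmation trades a 10-minute detection latency for fewer tickets on a single late batch; with a 60-minute target there is room to lengthen it for bursty feeds. In production the per-bucket counts would be read from the SIEM platform's own ingest metrics rather than recomputed from raw events.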

Requirements

  • 3+ years of related experience in cybersecurity operations.
  • Active TS/SCI Clearance.
  • DoD 8570.01-M IAT Level II and CSSP Infrastructure Support certifications.
  • Expertise in Linux (RHEL) administration and engineering.
  • Proficient in manipulating SIEM filters to analyze potential malicious activity and reduce false positives.
  • Experience with content development within ArcSight and Kibana.
  • Skilled in troubleshooting event flow through Enterprise Audit infrastructure.
  • Experience developing and maintaining enterprise audit projects.

Nice-to-haves

  • Kibana Data Analytics experience.
  • Experience investigating, analyzing, and responding to cyber incidents within a network environment.
  • Ability to evaluate, test, recommend, and maintain cybersecurity policies and systems.
  • Experience developing techniques for conducting cybersecurity risk assessments and compliance audits.

Benefits

  • Medical plan options, some with Health Savings Accounts.
  • Dental plan options.
  • Vision plan.
  • 401(k) plan with company match.
  • Flexible work weeks and various paid time off plans including vacation, sick, personal time, holidays, paid parental, military, bereavement, and jury duty leave.
  • Short and long-term disability benefits.
  • Life, accidental death and dismemberment, personal accident, critical illness, and business travel and accident insurance.