Analysis Skills, Automation, Best Practices, Capacity and Performance Management, Communication Skills, Computer Security, Data Management, Documentation, Elasticsearch, Establish Priorities, Identify Issues, Incident Management, Incident Response, Information Assets, Information/Data Security (InfoSec), Internet Security, Interpersonal Skills, Linux Administration, Network Protocols, On Call, Operational Audit, Operational Support, Operations Processes, People Management, Performance Tuning/Optimization, Problem Solving Skills, Python Programming/Scripting Language, Red Hat Linux Operating System, Research Skills, Sales Pipeline, Scripting (Scripting Languages), Secret Clearance, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Monitoring, Software Patches, Splunk, Standard Operating Procedures (SOP), Systems Administration/Management, Systems Maintenance, Team Player, Use Cases, Windows PowerShell
Charleston, South Carolina
Valiant Solutions is seeking a Secret-cleared SIEM/SOAR Engineer to join our rapidly growing and innovative cybersecurity team!
SIEM/SOAR Engineer to manage and maintain the CSSP’s Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. This role is responsible for administering an enterprise Elastic cluster while ensuring the performance, availability, and security of these critical systems. The engineer will leverage strong communication, analytical, and problem-solving skills to identify, communicate, and resolve issues, ultimately maximizing the effectiveness and value of CSSP security system investments.
Named one of theBest Places to Work in the Washington DC area for 12 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!
Location: Onsite in Charleston, SC.
Clearance Required: Active Secret
Education Requirement: Bachelor’s Degree in related field.
Certification Required: DoD 8570 IAT Level II and DoD 8140 CSSP Auditor compliant
Required Experience:
- Minimum of 3 years of experience in maintaining an enterprise Elastic cluster.
- Proficiency in managing and maintaining SIEM and SOAR solutions.
- Experience with Elasticsearch Enterprise (including Logstash and Kibana) for SIEM operations.
- Understanding of security event and incident management processes.
- Knowledge of scripting languages (e.g., Python, PowerShell) for automation and integration.
- Experience with threat detection and response methodologies.
- Extensive experience with Linux Administration of RHEL Operating Systems.
- Strong experience with networking protocols, solutions, and methodologies.
- Excellent troubleshooting and problem-solving skills.
- Strong documentation skills.
- Strong communication and interpersonal skills.
- Ability to work in a team-oriented, collaborative environment.
- Ability to prioritize and execute tasks in a high-pressure environment.
- Available for on-call after-hours rotational support as needed.
Responsibilities:
- Design, implement, and maintain the SIEM and SOAR infrastructure (Elastic and Splunk).
- Manage and maintain an enterprise Elastic cluster to support SIEM operations for the CSSP.
- Monitor and analyze security events and incidents to protect information assets.
- Assist in the develop and maintain use cases, rules, and alerts for threat detection and response.
- Integrate SIEM and SOAR systems with other security tools and data sources.
- Automate security operations workflows and incident response procedures using SOAR platforms.
- Perform regular system monitoring and health checks to ensure the integrity and availability of SIEM and SOAR systems.
- Conduct performance tuning, capacity planning, and scalability assessments for SIEM and SOAR solutions.
- Implement and manage data ingestion pipelines for security event data.
- Perform regular updates, patches, and upgrades for SIEM and SOAR systems.
- Create and maintain documentation for system configurations, processes, and standard operating procedures.
- Collaborate with security analysts, operations analysts, incident responders, and other CSSP teams to ensure effective use of SIEM and SOAR capabilities.
- Provide guidance and support to operations analysts on the use of SIEM and SOAR tools.
- Stay updated with the latest trends, tools, and best practices in SIEM and SOAR technologies.
- Conduct research and recommend improvements to enhance the effectiveness of the SIEM and SOAR solutions.
Equal Employment Opportunity
Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, marital status, or veteran status, in accordance with applicable law.
Physical Demands
Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Authorization to Share Resume and Personal Information
By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.