- Designing, implementing, and maintaining SIEM and SOAR solutions by collaborating effectively with NOSC-Cyber and other key stakeholder groups.
- Work in partnership with network and security engineers and cloud development teams to drive improvements to security requirements.
- Research the latest capabilities of SIEM, SOAR platforms and IT technologies (e.g. firewalls, operating systems, networks, storage, virtualization, AD, IPS, Proxies etc.) and be able to present findings to management.
- Optimize SIEM, SOAR and NOSC-Cyber architecture to improve efficiency and effectiveness of the platforms and processes
- Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
- Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices
- Design and document existing production Swimlane environment to include Visio diagrams.
- At least six (6) years of professional experience cybersecurity, NOC/SOC environments, and IT Services environment, providing incident response
- Demonstrated experience with SIEM and SOAR tool suites, with an emphasis on Swinlane and Splunk
- Demonstrated experience endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies
- Must be resourceful in learning a very complex and dynamically changing network
- Must be a self-starter, able to work independently, and able to manage time effectively
- Working knowledge of cloud platforms such as AWS, Azure
- Ability to communicate effectively with all levels of an organization from engineering, operations, and management
- U.S. citizenship required and eligibility for a DHS EOD is required to be considered for this position.
- Certification involving cybersecurity
- Comptia Security+
- Splunk
- CISSP
- CCNP Security
- CCIE Security
- Splunk
- Swimlane
- Knowledge of at least one programming or scripting language (ex. Python, PowerShell, PHP, Perl)
- Windows/Linux experience
-
DHS HSEN
4 days ago
Versar Washington, United StatesPosition Summary · BayFirst Solutions, a subsidiary of Versar, Inc., is seeking a Senior Security Architect to support the DHS Homeland Security Enterprise Network (HSEN) within the Office of the Chief Information Officer (OCIO). This candidate will be a member of a high functio ...
-
DHS HSEN
6 days ago
Versar Washington, United StatesJob Description · Job Description · Position Summary · BayFirst Solutions, a subsidiary of Versar, Inc., is seeking a Senior Security Engineer (Compliance) to support the Department of Homeland Security's Enterprise Engineering Division (EED) within the Office of the Chief Info ...
-
Network Monitoring Tools Engineer
5 days ago
CACI International Washington, United StatesNetwork Monitoring Tools Engineer · Job Category: Information Technology · Time Type: Full time · Minimum Clearance Required to Start: None · Employee Type: Regular · Percentage of Travel Required: Up to 10% · Type of Travel: Local · CACI is seeking a NOSC Network Monitoring Tool ...
-
Network Monitoring Tools Engineer
1 week ago
CACI International Washington, United StatesNetwork Monitoring Tools Engineer · Job Category: Information Technology · Time Type: Full time · Minimum Clearance Required to Start: None · Employee Type: Regular · Percentage of Travel Required: Up to 10% · Type of Travel: Local · * * * · CACI is seeking a NOSC Network Monitor ...
-
System and Tool Administration Lead
2 days ago
Sev1Tech Washington, United StatesOverview/ Job Responsibilities · Sev1Tech is looking for System and Tool Administration Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for sec ...
DHS HSEN - Washington, United States - Versar
Description
Position SummaryBayFirst Solutions, a subsidiary of Versar, Inc., is seeking a Security Architect (SIEM & SOAR) to support the DHS' Homeland Security Enterprise Network (HSEN) within the Office of the Chief Information Officer (OCIO), IT Operations, Enterprise Engineering Division (EED). This resource will be a member of a high functioning team of network and security engineers, data center specialists, and stakeholder groups, such as the DHS Network Operations Security Center – Cyber (NOSC-Cyber), ISSOs, and industry vendors, working to continually strengthen and secure HSEN and its data.
The candidate's primary responsibility is to maintain and mature the existing DHS Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions, and lead the analysis, integration, and testing of this and new security tools and technologies.
This role is eligible for full-time telework.
Duties / Responsibilities
BA or BS (Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering, or related field); relevant experience may be a substitute for education.
Certifications Desired But Not Required