
    Microsoft Azure Sentinel SIEM Engineer - Vienna, United States - Shuvel Digital


    2 weeks ago

    Description

    Senior Secure Innovation and Resilience (SI&R) Resource - Microsoft Azure Professional who is experienced with Kusto Query Language (KQL) and the design of security-specific alerts. The senior resource will work within the current information security team and serve as a lead technical Subject Matter Expert (SME) who will also liaise with the appropriate business units (BU) to support security strategy and ensure accuracy of related data.

    Resource will evaluate specific logging, monitoring, and alerting events for efficiency and provide industry best practice recommendations for continuous improvement as Navy Federal Credit Union's application portfolio is moved into a Security Information and Event Management (SIEM) solution. Additionally, the resource will follow Navy Federal Credit Union's established delivery cadence for either agile (methods for sprint planning, sprint refinements, sprint standup, and retrospectives) or traditional waterfall where appropriate.

    Resource will provide professional services deeply rooted in Azure Log Analytics with focus on Kusto Query Language (KQL). The resource will collaborate with NFCU's technical and business teams as needed to determine any deficiencies and ensure continuous improvement as well as take part in any related agile or traditional development engagements which ultimately integrate with the team's application portfolio.

    The resource shall provide the following analytical, development, and support services:

    • Evaluate specific application's capability for logging, monitoring, and alerting information in the NFCU environment either on-prem, cloud, or hybrid
    • Serve as a critical Quality Assurance (QA) point within a four-stage process used to integrate NFCU's application portfolio to Splunk Logging and Alerting
    • Evaluate the completeness and accuracy of the information provided and verify that the log entries meet criteria provided for monitoring and alerting
    • Validate the submitted information through use of Microsoft (KQL) and assist with mapping to data in Splunk
    • Identify deficiencies and revert the workflow as needed to collect additional information when encountering inaccurate or incomplete information
    • Interact with the appropriate Business Unit (BU) contact and/or technical contact to gain clarity on difficult to obtain, incomplete, or inaccurate information
    Activity
    • Development and Analysis functions to validate existing logs are sufficient to implement monitoring and alerting.
    • Use Azure Log Analytics to collect and index log data, develop queries, log integration support and reporting
    • Ingest new data sources to implement use cases, dashboards, and automated reports
    • Perform Quality Assurance review of new use cases prior to deployment into application portfolio
    • Ensure standards are maintained
    • Validate the submitted information through use of KQL
    • Troubleshoot existing use cases for root cause and provide issue resolution
    • Assist with identifying and escalating issues and risks, developing plans for resolution
    • Assist with issue and risk prioritization
    Deliverables
    • Azure Log Analytics CSOC use cases and related queries
    • Associated scripts, etc. for remediation of use cases that failed to execute
    • Define and assist in the creation of operational and executive security reports and dashboards
    • Root Cause Analysis of issues
    • Capture and migration of documentation of use cases, queries, alerts, etc. for storing into ServiceNow Knowledge Management articles or leverage Azure ADO Wiki pages to create knowledge management articles
    • Conduct 1-1 training and job shadowing for comprehensive knowledge transfer
    Critical Skills
    • Expert-level, hands-on Log Analytics engineer with experience in complex environments
    • Expert in Kusto Query Language (KQL)
    • Deep knowledge of other SIEM platforms, such as Splunk, QRadar, or ArcSight
    • Previous experience in applying knowledge to uncover threats based on log data within Cloud Service Provider (CSP) environments (Azure AAD, Azure Resources, Event logs, etc.) to build, analyze, and tune detections.
    • Experience with Microsoft Cloud Security Technologies such as Azure Sentinel, Microsoft Defender, MDE, ATP, Azure Data Explorer and Azure Log Analytics or similar products like ArcSight, Splunk and Logstash
    • Demonstrated ability to understand and communicate technical details with varying levels of management
