Security Information and Event Management (SIEM) Consultant - Job# JNRJP0143

Place of Performance: 100% on-site, Crystal City, VA

Clearance: Secret or Top Secret (SCI not needed)

Employment Type: FTE (No 1099/C2C)

Start Date: within 2 weeks' notice

Training: Free training on deployment and analytics courses.

Agency: US Air Force

Consultant will provide professional services on-site in support of the SIEM solution deployments for the Air Force.

Set up and configure the Core Foundation elements of the SIEM solution:

  • Installing the software platform

  • Configuring recommended settings

  • Configuring basic log collection

  • Validating the system functions as designed

  • Work with customer to configure entities, plus risk and threat levels.

  • Provide guidance to the customer on configuration of supported log source types.

  • Import the required compliance module from the Knowledge Base.

  • Populate compliance module lists.

  • Enable desired compliance package AIE rules.

  • Configure, test and tune AI Engine rules, associated alarms and related supporting configuration.

  • Create and schedule report packages

  • Conduct product overview knowledge transfer throughout the engagement.

  • Assist customer with User Acceptance Testing (UAT).

On-Site Consultant will assist with the administration of the SIEM core functionality and stability. Provide additional ad-hoc services as mutually agreed upon. Specified ad-hoc tasks may include but are not limited to:

  • Deployment of SIEM Agents/Collectors

  • Enable and tune SIEM Alarms

  • Enable and tune SIEM AI Engine rules and use cases

  • SIEM Component Tuning

  • Working on customer’s behalf to address SIEM Support tickets.

  • Report creation

  • Onboarding of supported Log sources

  • Upgrades and LR patching

Job Qualifications

Experience:

  • The successful Professional Services Consultant typically has a minimum of 5-7 years’ information technology experience with at least 3 years in a related security discipline. This position requires the following education and experience.

  • Enterprise Experience: Experience leading or being a key contributor on complex projects for small- to medium-sized enterprise companies

  • SIEM Experience: 1 year of SIEM implementation and configuration experience. LogRhythm, Splunk, QRadar, or ArcSight preferred.

  • Security: Knowledge of incident response and security domains

  • SOC: Understanding of SOC tools and operations, staffing needs, best practices and workflow

  • Education: A Bachelor’s degree or equivalent demonstrated experience, in a related information technology or security discipline

  • Certifications: Certifications in a core security-related discipline or equivalent experience. Examples of desirable security certifications include ISC2 CISSP, SANS GISP, or SANS GMON

Skills:

  • Communication Skills: Strong oral, written and listening skills are an essential part of effective consulting

  • Analytical Skills: Ability to visualize, articulate, conceptualize and solve complex problems by making reasonable decisions given the information available

  • Networking: Experience in network administration and the ability to work at all layers of the OSI and OSX models, including being able to explain communication at any level

  • Systems Administration: Windows and Linux administration knowledge

    • Windows: Knowledge of basic Windows setup, Windows Domains, trusts, GPOs, server roles, and Windows security policies.

    • Linux: Knowledge of basic Linux setup, user administration, shell features, package management, event logging, job scheduling, Linux kernel, Linux security and troubleshooting

  • Technical Writing: Ability to create professional documents such as customer presentations, internal white papers, and customer project deliverables

Send resume to Jobs@FlexSR.com

Attn: SIEM (JNRJP0143)

www.CyberSecSource.com