SIEM Consultant (JNRJP61218)
Place of Performance: on-site, Crystal City, VA
Clearance: DoD Top Secret (SCI not needed)
Employment Type: FTE (No 1099)
Start Date: within 2 weeks notice
Training: Free training on LR deployment and analytics courses.
Agency: US Air Force
The consultant will provide on-site professional services in support of the SIEM solution deployments for the Air Force.
Set up and configure the Core Foundation elements of the SIEM solution:
- Installing the software platform
- Configuring recommended settings
- Configuring basic log collection
- Validating the system functions as designed
- Work with customer to configure entities, plus risk and threat levels.
- Provide guidance to the customer on configuration of supported log source types.
- Import the required compliance module from the Knowledge Base.
- Populate compliance module lists.
- Enable desired compliance package AIE rules.
- Configure, test and tune AI Engine rules, associated alarms and related supporting configuration.
- Create and schedule report packages
- Conduct product overview knowledge transfer throughout the engagement.
- Assist customer with User Acceptance Testing (UAT).
On-Site Consultant will assist with the administration of the SIEM core functionality and stability. Provide additional ad-hoc services as mutually agreed upon. Specified ad-hoc tasks may include but are not limited to:
- Deployment of SIEM Agents/Collectors
- Enable and tune SIEM Alarms
- Enable and tune SIEM AI Engine rules and use cases
- SIEM Component Tuning
- Working on customer’s behalf to address SIEM Support tickets.
- Report creation
- Onboarding of supported Log sources
- Upgrades and LR patching
Job Qualifications
Experience:
- The successful Professional Services Consultant typically has a minimum of 5-7 years’ information technology experience with at least 3 years in a related security discipline. This position requires the following education and experience.
- Enterprise Experience: Experience leading or being a key contributor on complex projects for small to medium sized enterprise companies
- SIEM Experience: 1 year of SIEM implementation and configuration experience. LogRhythm, SPLUNK, QRadar, or ArcSight preferred.
- Security: Knowledge of incident response and security domains
- SOC: Understanding of SOC tools and operations, staffing needs, best practices and workflow
- Education: A Bachelor’s degree or equivalent demonstrated experience, in a related information technology or security discipline
- Certifications: Certifications in a core security-related discipline or equivalent experience. Examples of desirable security certifications include ISC2 CISSP, SANS GISP, or SANS GMON
Skills:
- Communication Skills: Strong oral, written and listening skills are an essential part of effective consulting
- Analytical Skills: Ability to visualize, articulate, conceptualize and solve both complex problems by making reasonable decisions given the information available
- Networking: Experience in network administration and the ability to work at all layers of the OSI and OSX models, including being able to explain communication at any level
- Systems Administration: Windows and Linux administration knowledge
- Windows: Knowledge of basic Windows setup, Windows Domains, trusts, GPOs, server roles, and Windows security policies.
- Linux: Knowledge of basic Linux setup, user administration, shell features, package management, event logging, job scheduling, Linux kernel, Linux security and troubleshooting
- Technical Writing: Ability to create professional documents such as customer presentations, internal white papers, and customer project deliverables
And send resume to Jobs@FlexSR.com
Attn SIEM (JNRJP0143)