Jobless Developer
AnaVation logo
AnaVation

Posted 3 months ago

Open

SIEM Engineer

WashingtonOn-siteFull-time

AI Summary

SIEM engineer responsible for design, deployment, configuration, and maintenance of SIEM systems across classification enclaves, supporting defensive cyber operations and incident response.

About this role

Be Challenged and Make a Difference
In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Description of Task to be Performed:
AnaVation is seeking an experienced SIEM (Security Information and Event Management) Engineer to provide support to a mission critical customer. The selected candidate will be responsible for the design, deployment, configuration, and maintenance of SIEM systems across multiple classification enclaves.

Key Responsibilities
· Support the architecture, engineering, optimization, and sustainment of Security Information and Event Management (SIEM) platforms supporting defensive cyber operations, advanced threat detection, incident response, and compliance initiatives
· Perform configuration, management and maintenance of network firewalls, security and encryption devices, including IDS, NAC and SIEM systems.
· Integrate diverse log sources including firewalls, IDS/IPS, EDR, servers, network devices, security appliances, and cloud environments.
· Optimize SIEM performance, storage architecture, data retention policies, and system scalability.

This position is on site with the customer in Washington, DC and cannot be supported remotely.
The selected candidate must possess an active TS clearance with the ability to obtain SCI accesses. Candidates
without an active TS cannot be considered.

Required Qualifications:

  • 6+ years of cybersecurity experience, with at least 5 years focused on SIEM engineering in enterprise environments.
  • Experience supporting federal government systems at multiple security levels, strong knowledge of federal cybersecurity frameworks, and the ability to provide technical support within a secure environment.
  • Hands-on experience with one or more enterprise SIEM platforms.
  • Experience engineering and sustaining SIEM solutions in classified or air-gapped environments.
  • Familiarity with cross-domain solutions and secure data transfer controls.
  • Strong expertise in:
  • Log normalization and parsing
  • Advanced correlation rule development
  • Threat detection engineering
  • Network protocols and traffic analysis
  • Windows and Linux security logging
  • Active TS clearance with the ability to obtain SCI accesses.

    • Preferred Qualifications:

  • Bachelor’s degree in Information Technology, Computer Science, Information Systems or related field
  • Proficiency in scripting/automation (Python, PowerShell, Bash).
  • Deep understanding of MITRE ATT&CK and threat detection methodologies.
  • Demonstrated ability to work independently and lead technical initiatives in highly regulated environments.
  • Knowledge of Zero Trust architecture principles.
  • Relevant certifications such as GIAC (GCIA, GCIH, GCED) or CISSP a plus, but not required.

    • Skills

    Advanced Correlation Rule DevelopmentBashCross-domain SolutionsData Retention PoliciesEDRFirewallsIDS/IPSLinux Security LoggingLog Normalization And ParsingMITRE ATT&CKNACNetwork Protocol And Traffic AnalysisPowerShellPythonSecure Data Transfer ControlsSecurity ArchitecturesSIEM PlatformsThreat Detection EngineeringWindows Security LoggingZero-trust

    Explore related jobs

    More jobs at AnaVation

    Similar Advanced Correlation Rule Development jobs

    Jobs in Washington

    Browse these categories

    Bash JobsPowerShell JobsPython JobsJobs in WashingtonJobs in United States