What are the responsibilities and job description for the SIEM Analyst position at SAIC?
Job ID: 2310948-2919
Location: REMOTE WORK, KS, US
Date Posted: 2023-08-08
Category: Cyber
Subcategory: Cyber Engineer
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: Interim Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: No
Description
SAIC is currently looking for a Security Information and Event Management (SIEM) Analyst to support the US Army Corps of Engineers (USACE) Revolutionary IT Services (RITS) program to implement, configure, monitor and maintain the Security Information and Event Management (SIEM) tool on all USACE-supported networks and enclaves.
NOTE: This position is fully remote / work from home.
JOB DESCRIPTION:
- Provide correlation and analysis of cyberspace incident reports
- Provide immediate notification of unplanned sensor-feed outages exceeding 24 hours, and provide an After Action Report (AAR) identifying the root causes of the outage
- Maintain documentation for all feeds, sensors, and connectors in the SIEM and provide reports to USACE OCIO/G-6
- Utilize analysis tools to provide threat detection analysis and monitoring, correlation, and prevention of cyber threat activity
- Use best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities
- Use forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors
- Produce reports on the unique TTPs utilized and conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination
- Assist the customer with developing metrics and trending/analysis reports of malicious activity and develop signatures for threat detection
Qualifications
REQUIRED EXPERIENCE AND EDUCATION:
- Bachelor's degree with five (5) years of experience; an additional four (4) years of experience is accepted in lieu of a degree
- System administration or engineering experience within Security Information and Event Management (SIEM) systems
- Experience operating and maintaining SIEM systems such as ArcSight, Splunk, Elasticsearch, or other related systems
- Experience configuring applications on Unix and Linux operating systems
- Experience parsing logs to ensure the information aligns with the SIEM tool
- Experience performing data correlation and analysis reporting for all sensors
- Experience providing access to the SIEM systems, establishing use cases and running queries
REQUIRED CERTIFICATION:
- Must have a current DoD 8570 CSSP-Infrastructure Support certification such as CEH, CySA+, CND, Cloud+, etc.
- The Computing Environment Training requirement must be met within 180 days (6 months) after the hire date (we will help you obtain it during work hours)
REQUIRED CLEARANCE:
- Must be able to obtain a full Secret clearance; an Interim Secret clearance is required prior to start (SAIC will help you obtain it)
- Must be a current US Citizen
Target salary range: $95,001 - $105,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Salary: $95,001 - $105,000