Leidos is looking for a SIEM (Security Information and Event Management) Tools Architect to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology to support a nationally significant and fast-paced program. Program execution follows DEVOPS best practices and employs robust development, test and production environments. We are using Behavior Driven Development (BDD) and test automation tools alongside a full suite of team collaboration tools. Leidos is the prime contractor providing system engineering, development, test, integration and operational support. The program focused on injecting new technology and adding advanced capabilities while continuing to support an on-going mission and operational system.
The SIEM Architect is responsible for collecting, parsing, and correlating events for a critical operational system. The successful candidate will demonstrate strong skills in system administration, log management, event correlation, and threat detection.
The SIEM Architect will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine if the systems being monitored are operating normally or being attacked by an adversary. This individual will be responsible for overseeing best practice in configuring and architecting the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. She/he will also work with System Engineers and System Administrators to better define the audit data being collected to eliminate false positives and false negatives from the data.
-A Bachelor’s Degree in Information Assurance or related field and 12 years of relevant experience are required. Additional experience may be substituted for a degree.
-Possess active TS/SCI with Polygraph clearance to be considered for this role.
-At least 3 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
-Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
-Experience creating Dashboards and Analytics within SIEM tools.
-Experience building and maintaining systems dedicated to storing and parsing large amounts of data.
-Experience building monitoring systems supporting auditing, incident response, and system health.
-Must possess excellent troubleshooting skills.
· Network Security Operations Center (SOC) experience preferred.
· Experience and talent in data visualization.
· Experience creating workflows for Incident Response within a SIEM Tool.
· CISSP Certification.
· GIAC Certified Incident Handler Certification.
· GIAC Cyber Threat Intelligence Certification.
· Splunk Enterprise Certified Architect.Pay Range:Pay Range $113,100.00 - $174,000.00 - $234,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.