🍁 SearchCanadaJobs.com

SIEM Platform Engineer

Company

Booz Allen Hamilton

Location

Arlington, Virginia

Type

Full time

The Opportunity:

Work with clients and peers to build a high-performing system using Elastic to aggregate logs from many systems into a single common schema. Use Elastic Common Schema (ECS) formatted fields, create quality visualizations and alerts that analysts can use for threat hunting, maintain infrastructure, and identify problems or anomalous behavior so they can be acted on before they become a larger issue. Work with the vendor to determine best practices for deployment and maintenance of the system architecture, and deploy within designated security requirements.

You Have:

  • 1+ years of experience with SIEM platforms such as Splunk Enterprise Security, Elastic Security, Kibana, Sentinel, or Chronicle
  • Experience designing data pipeline architectures for security operations, including log collection, normalization, enrichment, and routing
  • Experience with Elastic Stack, Logstash, Elasticsearch, Kibana, and Beats, ...