SIEM Engineer; Security Information and Event Management - SC CLEARED and Remote

Responsibilities

• Set up, configure, and maintain SIEM tools such as Sentinel and Elastic.
• Deploy, configure, and manage EDR tools including Tanium, Trellix, Fire Eye, Defender, and Elastic EDR.
• Monitor security logs, detect anomalies, and investigate potential threats.
• Configure Syslog servers and maintain syslog feeds.
• Create log ingestion for Sentinel – deploy OOTB integrations and develop and deploy custom integrations for various log source types.
• Collaborate with IT and security teams to improve overall cybersecurity posture.

• Strong knowledge and experience in security engineering with SIEM & EDR platforms, network security, and understanding of cybersecurity frameworks.
• Certification(s) such as CISSP, CEH, GIAC, vendor-specific SIEM certifications, AZ-500, SC-100, etc.
• Familiarity with programming and scripting:
  Python, Power Shell, KQL (Kusto Query Language), Kibana Query Language, or other scripting languages.
• Analytical thinking and problem‑solving skills – ability to analyze large datasets and identify threats, mitigations, misconfigurations, etc.
• Communication skills – ability to document findings and communicate effectively with stakeholders.

Please send CV for full details and immediate interviews.