Security Information Event Manager (SIEM) Administrator

Role Overview

A Security Information Event Manager (SIEM) Administrator is responsible for managing the organization's security information and event management (SIEM) system using Splunk. This role involves implementing, maintaining, troubleshooting, and optimizing the SIEM system to ensure effective security monitoring and incident response.

What You Will Do

Implement, install, and troubleshoot Splunk Enterprise (SE) and Splunk Enterprise Security (ES) systems. Maintain and administer SE and ES configurations, indexes, apps, and knowledge objects. Monitor system health, capacity, and performance to proactively address issues.

Why It Might Be a Fit

Must have experience administering Linux servers, experience with SIEM Content Development, and strong analytical and problem-solving skills. Excellent communication and collaboration skills are also required.

Requirements

• High School Diploma
• At least 4+ years of system, network administration, or developer experience
• 2+ years of Splunk administration
• IAW DoD 8140.03-M, must meet the Intermediate Proficiency Level qualifications
• IAM-II Certification (one or more of the following): CISM, CISSP (OR ASSOCIATE), GSLC, CCISO, CAP, CASP+ CE, HCISSP
• Must have Splunk Enterprise Certified Admin credential
• Must have experience administering Linux servers
• Must have experience with SIEM Content Development

Benefits

• Medical
• dental
• vision coverage
• 401k matching
• generous PTO
• paid holidays
• professional training opportunities
• pet insurance