Linux SIEM System Engineer

**ACTIVE TS/SCI SECURITY CLEARANCE REQUIRED**

Responsible for building/maintaining data-pipelines for associated information used for cybersecurity investigation within the enterprise. In this role you will have the opportunity to contribute to one or more areas including (but not limited to) data ingest, data normalization, SIEM management, Linux/Windows host administration, virtual machine (VM) management, and cloud asset management. To support our team, you will need to be experienced, driven, and have strong Linux, Windows, and/or networking experience. You will be collaborating closely with peers and customers which means you need to be an active listener, detail oriented, and a clear communicator.

What you get to do:

• Resolve escalated issues and perform root cause analysis for complex issues
• Have ability to communicate with program SMEs as well as other customers with less technical backgrounds
• Demonstrate a high attention to detail, examining every aspect of the system
• Be able to multi-task, working with several different customers in various stages of onboarding process
• Apply Configuration Management disciplines to maintain hardware/software revisions, security patches, hardening, and documentation
• Coordinate and conducts event collection, log management, event management, compliance activities, and identity monitoring activities for the customer's system
• Works with other Service Providers to support areas of common interest
• Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability
• Maintain system availability and reliability with a threshold of 99.99%
• Detect and ticket degradations (volume/velocity) of all SIEM data flows within 60 minutes of the start of the degradation
• Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency approved change management processes
• Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management
• Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions
• Retain documentation regarding loss of event logs (e.g. June 5-7th DNS logs were not ingested from SBU and are lost)
• Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, IC, and NGA laws, directives, orders, polices, guidance, procedures etc.
• Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions

Qualifications:

What you need:

• 5+ years of Systems Engineer or similar experience
• IAT II certification and obtain CSSP Infrastructure Support certification 120 days of hire 
• Possesses a strong work ethic, be self-directed, and be a detail-oriented professional
• Willing to learn and adapt to new, cutting-edge technologies
• Possess excellent time management skills and the drive to work unsupervised
• Demonstrated ability to use problem solving techniques such as root cause analysis to resolve issues
• Advanced Linux proficiency
• Knowledge of network communication principles, common infrastructure components (IPAM, DNS, DHCP), load balancers, firewalls, virtual and physical infrastructure design
• Experience with hypervisors such as VMware ESXi, Citrix XenServer, Microsoft Hyper-V
• Advanced knowledge of systems engineering principles, methods, and techniques

Ideal qualifications:

• Experience with public clouds such as AWS, Google, Rackspace.
• Experience with private clouds such as VMWare, OpenStack.
• Strong background in Unix, or Windows servers.
• Experience with SIEM technologies such as Elastic, Splunk, and/or ArcSight
• Familiarity with Cribl data aggregation/normalization technology
• Scripting experience with Python, Bash, and/or Powershell

Additional Information

• All your information will be kept confidential according to EEO guidelines.
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $90-95k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Accrued PTO, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and more!

D2 Consulting is committed to a merit-based recruitment process and encourages applications from all qualified individuals.  As a Veteran-Owned Small Business, we particularly welcome applications from veterans who have the requisite skills and experience.  Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.