SIEM Engineer with Security Clearance

Job Responsibilities As a SIEM Engineer (ArcSight & Splunk), you will be: Responsible for design, implementation and support ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers Responsible for configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data Responsible for fix ArcSight or Splunk dataflow issues between the various event flow components Responsible for configuring and deploying data collection for a variety of operating systems and networking platforms Responsible for creating Dashboards and Analytics within SIEM tools Working with monitoring systems supporting auditing, incident response, and system health Responsible for understanding networking components and devices, ports, protocols, and basic networking fix steps Required Qualifications: US citizenship is required. Top Secret with SCI eligibility. Bachelor's degree in information technology, Computer Science, Information Systems, related field, or equivalent experience. A minimum of 8 years of related cybersecurity experience. A minimum of at least 4 years of proven ability with either ArcSight or Splunk Experience in design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers Experience with configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data Experience with fixing ArcSight or Splunk dataflow issues between the various event flow components Experience configuring and deploying data collection for a variety of operating systems and networking platforms Experience creating Dashboards and Analytics within SIEM tools Experience working with monitoring systems supporting auditing, incident response, and system health Understanding of networking components and devices, ports, protocols, and basic networking fix steps The ability to solve issues with log feeds, search time, and field extractions The ability to solve problems related to data solutions. Desired Qualifications: Network Security Operations Center (SOC) experience Experience and talent in date correlation Experience creating workflows for Incident Response within a SIEM Tool GIAC Certified Incident Handler Certification GIAC Cyber Threat Intelligence Certification Cybersecurity certifications Formal SIEM training

Location: Washington, District of Columbia, US

Posted Date: 8/22/2025