Cyber Security Engineer (SIEM) (TS/SCI Poly)
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
At this time, we can only accept candidates with an active TS/SCI WITH A COUNTERINTELLIGENCE POLY GRAPH (US Citizen) and local to northern VA.
Responsibilities include, but are not limited to:
- Perform tasks and complete customer requests using the ServiceNow delivery platform.
- Resolve incident tickets issued through ServiceNow.
- On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.
- Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.
- Assist the Program/Project engineers in testing and implementing future enhancements.
- Utilize, evaluate and update all engineer instruction sets and SOPs.
- Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.
- Perform various Linux and Windows systems administration tasks related to the operational system.
- Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished.
- Operate and multitask in a dynamic high tempo environment.
- Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.
- Perform work duties in a government environment as part of a multi-contractor team.
- Facilitate the enablement, collection, and verification of customer data within SIEM tools.
- Develop SIEM search queries to support Enterprise Audit service requirements.
- Ability to learn custom audit solutions with flex connectors and regex parsing.
Position Requirements:• Minimum Education: B.S. or relevant experience in related field.• Minimum/General Experience: 2-5 years of related experience.• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.• The ideal candidate will be able to work independently and in team environments and be able to take on tasks quickly with minimal direction.• Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.• A good understanding of Linux and Windows systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.• Familiarity with the Certification & Accreditation process is preferable but not required.
Desired Skills:• Ability to learn and comprehend from provided training in an individual contributor and team capacity.• Experience with Security Information and Event Management (SIEM) platforms, preferable NetWitness and ArcSight.• Experience with Linux, Windows Server and workstations, Red Hat and CentOS.• Cloud environment experience and/or certifications.• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.• Experience with creating custom parsers to ingest unique metadata into a standardized log format.• Working knowledge of current COTS Cybersecurity technologies.• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and Enterprise Audit• Ability to clearly articulate ideas for executive – level as well as technical staff consumption• Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
Clearance Requirement:• Must possess an active TS/SCI w/ a CI polygraph.
We use Greenhouse Software as our applicant tracking system and Free Busy for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.
Why GuidePoint?GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 800 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 3,500 customers.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.Some added perks….
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
- 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option