SIEM Engineer

📋 Description

• • AnaVation LLC is seeking a highly skilled and experienced SIEM (Security Information and Event Management) Engineer to join our dedicated team supporting a mission-critical customer in Washington, DC. This is an on-site position where you will play a pivotal role in safeguarding sensitive information and ensuring robust cybersecurity posture across multiple classification enclaves. At AnaVation, we firmly believe that our people are the driving force behind our success. We are committed to investing in talented individuals, fostering an environment where innovation thrives, and delivering exceptional value to both our customers and our employees through cutting-edge solutions and a deeply engaging culture.
• • As a SIEM Engineer, you will be at the forefront of defensive cyber operations, leveraging your expertise to design, deploy, configure, and maintain sophisticated SIEM platforms. Your contributions will be instrumental in advancing our capabilities in threat detection, incident response, and compliance adherence. This role demands a proactive approach to security, a deep understanding of complex network environments, and the ability to integrate a wide array of security tools and data sources to create a unified and effective security monitoring solution.
• • Your core responsibilities will encompass the entire lifecycle of SIEM systems. You will be involved in the architecture and engineering phases, ensuring that our SIEM solutions are designed for optimal performance, scalability, and resilience. This includes developing and implementing strategies for efficient data ingestion, correlation rules, and alert generation. Furthermore, you will be responsible for the day-to-day management and maintenance of these critical systems, ensuring their continuous operation and effectiveness. This involves troubleshooting issues, applying necessary updates and patches, and fine-tuning configurations to meet evolving security requirements.
• • A significant aspect of this role involves the integration of diverse log sources. You will work with a variety of technologies, including network firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Detection and Response (EDR) solutions, servers (both Windows and Linux), network devices, and various security appliances. A key focus will also be on integrating cloud environments, ensuring that security events from platforms like AWS, Azure, or Google Cloud are effectively captured and analyzed within the SIEM. This comprehensive data aggregation is crucial for providing a holistic view of the security landscape and enabling rapid identification of potential threats.
• • Performance optimization will be a continuous effort. You will be tasked with enhancing SIEM performance, refining storage architectures to manage vast amounts of log data efficiently, and establishing robust data retention policies that balance compliance needs with operational requirements. Ensuring the scalability of the SIEM platform is paramount, allowing it to grow and adapt as the customer's environment expands and the threat landscape evolves. This includes monitoring system health, identifying bottlenecks, and implementing solutions to maintain peak performance.
• • Beyond technical implementation, you will contribute to the development and refinement of defensive cyber operations strategies. This involves creating and tuning correlation rules to detect sophisticated threats, developing effective incident response playbooks, and ensuring that the SIEM provides the necessary data for forensic analysis and post-incident reviews. Your work will directly support compliance initiatives, ensuring that the organization meets regulatory and contractual security obligations through accurate logging, reporting, and auditing capabilities.
• • This is an exceptional opportunity to make a tangible impact within a high-stakes environment. You will be part of a team that values collaboration, continuous learning, and a shared commitment to excellence. If you are a seasoned SIEM professional looking for a challenging and rewarding role where your expertise is highly valued and directly contributes to national security, we encourage you to apply.