
SIEM platform engineer

Booz Allen Hamilton

McLean · flexible · Full-time · Senior · $78k – $176k/yr · posted 2d ago

About the role

At Booz Allen Hamilton we are looking for a DevOps engineer!

Tech stack

  • AI
  • CI/CD
  • Cloud
  • DevSecOps
  • Docker
  • ElasticSearch
  • Support
  • Kafka
  • Kibana
  • Kubernetes
  • OpenShift
  • Python
  • Security
  • Splunk
  • DevOps

Requirements

  • Over 5 years of experience with SIEM platforms, including but not limited to Splunk Enterprise Security, Elastic Security, Kibana, Sentinel, or Chronicle
  • At least 3 years of experience in designing data pipeline architectures for security operations, covering log collection, normalization, enrichment, and routing
  • Minimum 2 years of experience working with the Elastic Stack, including Logstash, Elasticsearch, Kibana, and Beats with skills in installation, configuration, maintenance, upgrades, and troubleshooting
  • Proficiency in architecting detection engineering pipelines, threat hunting workflows, or automated response capabilities
  • Familiarity with EDR, NDR, or full-packet capture solutions like CrowdStrike, Corelight, or Trellix
  • Experience deploying platforms in cloud, on-premises, and isolated environments using Kubernetes or OpenShift
  • Proven ability to work in classified or compartmented environments with strict access enforcement
  • Knowledge of Elastic Index Lifecycle Management (ILM)
  • TS/SCI clearance
  • High school diploma or GED

Responsibilities

  • Collaborate with clients and team members to construct a high-performance system utilizing Elastic to consolidate logs from various systems into a unified schema
  • Implement Elastic Common Schema (ECS) formatted fields to enhance quality visualizations and alerts for analysts engaged in threat hunting
  • Maintain infrastructure and proactively identify issues or anomalous behaviors before they escalate
  • Partner with the vendor to establish best practices for the deployment and upkeep of system architecture in compliance with defined security requirements
  • Develop effective visualizations and alerts to assist in threat analysis and response
  • Ensure the system is regularly updated and well-maintained to provide optimal performance

Benefits

  • Health insurance
  • Life insurance
  • Disability insurance
  • Financial benefits
  • Retirement options
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life balance programs
  • Recognition awards program

Additional Information

The position is based in a flexible work model, either remote, hybrid, or onsite, depending on the role's needs.

Skills

  • Cloud
  • Docker
  • ElasticSearch
  • Kibana
  • Kafka
  • Kubernetes
  • OpenShift
  • Python
  • Security
  • Splunk
