SIEM Platform Engineer

Booz Allen Hamilton

Arlington, VA, United States
Onsite
Booz Allen Hamilton is seeking a SIEM Platform Engineer to build high-performing systems using Elastic for log aggregation and threat detection. The ideal candidate should have over three years of experience with SIEM platforms and a TS/SCI clearance.

Job Summary

  • Work with clients and peers to build a high-performing system using Elastic to aggregate logs from many systems into a single common schema.
  • Use Elastic Common Schema (ECS) formatted fields; create quality visualizations and alerts that analysts can use for threat hunting; maintain infrastructure; and identify problems or anomalous behavior early, before they grow into larger issues, so they can be actioned on.
  • Work with the vendor to determine best practices for deployment and maintenance of system architecture and deploy within designated security requirements.


Salary

Base: $77,600.00 to $176,000.00; Bonus/Equity: Not specified; Benefits: Health, life, disability, financial, and retirement benefits, paid leave, professional development, tuition assistance, work-life programs, and dependent care.

Skills & Requirements

Must-have

  • Elastic Stack, Logstash, Elasticsearch, Kibana, Beats
  • Elastic Common Schema (ECS)
  • Detection engineering pipelines
  • Threat hunting workflows
  • Cloud, on-premises, disconnected environments
  • Kubernetes or OpenShift
  • Classified or compartmented environments

Nice-to-have

  • Stream processing or data brokering platforms
  • Docker, Kubernetes, ECK
  • DevSecOps CI/CD pipelines
  • Python or scripting languages
  • Security certifications

Key Requirements

  • 3+ years of experience with SIEM platforms
  • 1+ years of experience designing data pipeline architectures
  • 1+ years of experience with Elastic Stack
  • Experience architecting detection engineering pipelines
  • Experience with EDR, NDR, or full-packet capture solutions
  • Experience deploying platforms across cloud, on-premises, and disconnected environments
  • Experience working in classified or compartmented environments
  • Knowledge of Elastic Index Lifecycle Management (ILM)
  • TS/SCI clearance
  • HS diploma or GED

Work Rights

TS/SCI clearance required
