Plano, Texas

Responsibilities for this Position
Location: USA CO Home Office (COHOME)
Full Part/Time: Full time
Job Req: RQ130428

Type of Requisition:

Clearance Level Must Currently Possess:

Clearance Level Must Be Able to Obtain:

Public Trust/Other Required:

Job Family:
Cyber Engineering

Job Description:

We are GDIT. We stay at the forefront of innovation to solve complex technical challenges.

The desired candidate will provide cybersecurity data analysis services, which designs, develops, builds, tests, configures, employs, operates, integrates, sustains, and refreshes the Security Information Events Management (SIEM) capability (i.e. Enterprise Audit), long-term analytics platform, log aggregation platform, and the cyber threat intelligence capability, signature development and deployment, and reputation management services. This includes the onboarding of all new and existing IT resources, and ensuring the correct routing of all audit events to mission partners in accordance with Joint Special Access Program Implementation Guide (JSIG) standards.

The Cloud SIEM Engineer will serve as a member of the Governance Risk and Compliance (GRC) team as the SIEM)/Linux administrator. The SIEM administrator will be responsible for ensuring that logs are collected from systems and devices across the architecture into SIEM system for analysis. Engineer will be responsible for building custom dashboard supporting continuous monitoring activities. The SIEM Admin will be responsible for coordinating with tech administrators to tune systems and devices. Identify and integrate internal and external data sources, create queries and maintain SIEM dashboards. The SIEM Admin will apply current STIGs and system updates to ensure SIEM system compliance.

Job Duties Included:
  • Create queries, dashboards, and visualizations to support customer requirements and monitoring of the SIEM deployment.
  • Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the environment.
  • Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions
  • Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service.
  • Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, directives, orders, polices, guidance, procedures etc.
  • Perform all development, design, engineering, testing, integration, and implementation actions needed for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list. This includes ensuing all data flows are properly parsed for ingestion/transmission to internal and external automated reporting systems.
  • Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions
  • Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by Government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services
  • Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.
  • Monitoring and managing the health and performance of SIEM platform
  • Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews
  • Creating use cases and correlations alerts in the SIEM for continuous security monitoring
  • Security Operations experience with operating systems, or cloud infrastructures and services (Azure/AWS)
  • Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings
  • Conveying complex technical security concepts to technical and non-technical audiences including executives.

Position Requirements:
  • TS clearance required
  • 3+ years of experience
  • DoD 8570.01-M IAT Level II and CSSP Infrastructure Support certifications
  • Monitor systems across a complex tech stack using elastic
  • Certification in Elastic, Splunk or other SIEM solution
  • Excellent analytical and problem-solving abilities
  • Strong presentation and communication skills
  • Knowledge of concepts and solutions of security services in the Zero-Trust model
  • Maintains enterprise cybersecurity infrastructure requirements
  • Applies Elastic search experience to optimize SIEM and data utilization for long term archive
  • Monitors, maintains and upgrades Elasticsearch environment
  • Elasticsearch/Splunk expert to include infrastructure support experience
  • AWS cloud expert
  • Linux (RHEL) Expert
  • Bash / Python Scripting
  • Experience working with log formats for syslog, http logs, and DB logs required.
  • Knowledge of industry standard design patterns in common languages such as Java and Unix / Linux shell scripting preferred.

Desired skills:
  • Arcsight
  • Splunk
  • Access Management
  • Red Hat Certified System Administrator (RHCSA) or higher certification
  • SOAR
  • User Behavior Analytics(UBA)
  • Beats
  • Log Stash
  • Event Broker
  • Experience with Logstash
  • Defense in depth
  • Security Automation

Experience with the following administrative concepts:
  • Agile development
  • Cross-Functional teams
  • Documentation/Learning management
  • Process management

  • Full-flex work week
  • 401K with company match
  • Internal mobility team dedicated to helping you own your career
  • Collaborative teams of highly motivated critical thinkers and innovators
  • Ability to make a real impact on the world around you

#DEE2020 #Defense #USAF #gditcareers #kmp #cloud #ICAM #SIEM #LinuxAdministrator #remote #AWS #cjobs #dicepost #gdpost #Cloud #SIEMengineer#AFOpportunities #NDRC22 #DEEOPEN8022022 #DEEjobs

The likely salary range for this position is $100,000 - $150,000, this is not, however, a guarantee of compensation or salary; rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

Travel Required:
Less than 10%

Telecommuting Options:

Work Location:
Any Location / Remote

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.


Plano, Texas

General Dynamics is a global aerospace and defense company.

Our portfolio spans the realm of the world's most technologically advanced business jets, wheeled combat vehicles, command and control systems and nuclear submarines. We offer these through our five business groups: Aerospace, Combat Systems, Information Technology, Mission Systems and Marine Systems.

General Dynamics employs thousands of people across the globe, with locations in more than 45 countries. We rely on the skills of our employees and their knowledge of customer requirements to deliver best-in-class products and services.

Who We Are Looking For 

General Dynamics is seeking military veterans and military spouses across the country who bring a deeply rooted skillset that includes team-oriented approaches to problem-solving, demonstrations of leadership and an overall commitment to the mission of the organization.  We recognize the knowledge and skills gained during your military experience are invaluable to the success of a team. We’re proud of the thousands of veterans and military professionals who have chosen to apply their leadership, teamwork and problem-solving skills to a career at General Dynamics and to continue supporting the mission of those serving today.

Should I Apply?

At General Dynamics, our employees are the heart of our company. We rely on their dedication to excellence and their intimate knowledge of customer requirements to meet the needs of customers around the globe, day in and day out. Our employees' unique blend of skill, innovation and agility drives our continued success, and we take our responsibility to them seriously. If you are a military veteran or military spouse ready to advance your career, view our available career opportunities to the right for more information and to apply today!

What Happens After I Apply?

Once you click ‘Apply Now’ on a General Dynamics posting, you will be re-directed to fill out an application on General Dynamics career page.  In order to be considered for next steps, please complete the application on General Dynamics career page and make sure you have an updated resume uploaded to your RecruitMilitary profile.  Once General Dynamics reviews your resume and profile, a recruiter will reach out to provide you with more information and to schedule you for an interview.

How to Win An Interview

1.     Review the job description for the specific position you are applying for.

2.     Review the company website. Know their mission and values. What do they do? What are their products?

3.     Prepare a few questions to ask on your interview.

4.     Prepare to discuss your military or civilian background and how it relates to the position. 

5.     Check out the RecruitMilitary Resources tab for resume guidance, interview prep and more!

Similar jobs