SIEM Platform Engineer
ECS is seeking a SIEM Platform Engineer to work remotely.
Salary Range: $125,000-157,000
General Description of Benefits
Overview
The Monitoring Platform Engineer supports a federal energy sector cybersecurity program by engineering, maintaining, and optimizing security monitoring platforms. This role ensures the reliability and effectiveness of SIEM and related monitoring tools to meet Information Security Continuous Monitoring (ISCM) and Continuous Diagnostics and Mitigation (CDM) requirements. The engineer works directly with security analysts, system owners, and DHS CDM teams to ensure continuous visibility, timely detection, and compliance with federal cybersecurity standards.
Core Capabilities
- Deploy, configure, and maintain monitoring platforms such as Splunk, Elastic, or similar SIEM technologies
- Integrate monitoring platforms with enterprise systems, cloud environments, and security tools
- Develop and optimize dashboards, alerts, and data pipelines to support ISCM and CDM reporting requirements
- Automate platform tasks and streamline monitoring workflows through scripting (Python, PowerShell, Bash, etc.)
- Monitor and tune platform performance to ensure high availability and accuracy of security data
- Troubleshoot and resolve platform-related issues in coordination with analysts and engineers
- Maintain documentation of platform configurations, standard operating procedures, and system baselines
- U.S. Citizenship
- Ability to obtain and maintain a DOE “L” clearance or DoD Secret clearance with reciprocity
- Hands-on experience with at least one enterprise SIEM platform (Splunk, Elastic, QRadar, or LogRhythm)
- Experience integrating SIEM with enterprise IT systems, cloud platforms, or endpoint detection tools
- Proficiency in scripting (Python, PowerShell, or Bash) for automation and data integration
- Strong understanding of federal cybersecurity frameworks (NIST SP 800-53, ISCM, CDM)
- Minimum 4–6+ years of experience in cybersecurity engineering or security monitoring