SIEM/SOAR SME

cBEYONData is seeking a Security Information and Event Management (SIEM) / Security Orchestration, Automation and Response (SOAR) expert.  The individual will work in a dynamic, fast paced environment to help set strategy and implementation plans surrounding the Neighborhood Watch concept. Neighborhood Watch aims to consolidate its more than 26 SIEM capabilities into one new SIEM plus Security Orchestration and Automation Response plus security validation environment solution that’s common across EIS and integrates transparently into the Army United SIEM (uSIEM) initiative 

Responsibilities:

• Attend meetings and help devise strategy and implementation planning surrounding Neighborhood Watch
• Build Proof of Concept (POC) features to demonstrate capabilities before they go to scale
• Proactively engage Government leaders to find ways to add value and help advance this important concept
• Be able to work in dynamic, fast paced environment with minimal direction

Requirements:

• BA/BS with 10 years of experience (Degree requirement can be substituted with additional years of experience)
• Secret Clearance or higher
• Demonstrated experience with SIEM/SOAR
• Proficiency in configuring, managing, and optimizing SIEM platforms such as Splunk, IBM QRadar, ArcSight, LogRhythm, or Azure Sentinel
• Experience with SOAR platforms like Splunk Phantom, IBM Resilient, Demisto, or Swimlane
• Deep understanding of threat detection methodologies, incident response, and security operations
• Ability to analyze security events and conduct thorough investigations
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation tasks and integrating security tools
• Experience with APIs to enable integration and automation between various security systems
• Strong knowledge of network security concepts, protocols, and technologies (e.g., firewalls, IDS/IPS, VPNs)
• Experience in collecting, parsing, and analyzing logs from diverse sources (servers, applications, network devices)