SIEM Engineer (ArcSight/Splunk)

Job Locations US-DC
Posted Date 1 month ago(2/16/2018 5:00 PM)
Job ID
Information Technology


AnaVation is looking for a talented Security Information and Event Management (SIEM) Engineer who is passionate about technology and working with cutting edge software and hardware to support our mission critical customer in Washington, DC. The ideal candidate appreciates partnering with our customer and a group of engineers to create innovative engineering solutions.



  • Provide optimization of data flow using aggregation, filters, etc. Develop custom Flex Connector as required to meet use case objectives.
  • Participate in the operation of SIEM systems to include ArcSight ESM, Splunk ES, Oracle, Connector Appliances, SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups
  • Life-cycle management of the SIEM platforms to including coordination and planning of upgrades, new deployments, and maintaining current operational data flows
  • Apply Configuration Management disciplines to maintain hardware/software revisions, content, security patches, hardening, and documentation
  • Provide guidance to security analyst and network engineering staff
  • Working Closely with C&A Team to maintain Security requirements for Operation of ArcSight systems
  • Responding to day-to-day security requests relating to ArcSight and Splunk operations.
  • Tunes performance and event data quality to maximized system efficiency.
  • Assists with analyst using various tools to detect and respond to IT security incidents.
  • Performing systems hardening to meet DoD and IC Standards
  • Help maintain up to date documentation of designs/configurations
  • Troubleshoot and conduct system health checks, including but not limited to performance issues, integration problems and outages and preventative maintenance
  • Develop filters, rules and customized reports for Loggers
  • Perform system user administration
  • Monitors and oversees the completion and implementation of technical products to ensure success and timeliness. Provides high-level analysis and design reviews to avoid duplication of efforts.
  • Evaluates vendor capabilities to provide the most complex required products or services. Conducts cost analyses to determine feasibility of various vendor products. Recommends vendor(s) and approach and presents to senior management/customer as appropriate.
  • Provides highly complex technical consultation to other organizations; interacts with senior customer personnel and internal senior management.
  • Researches and understands the marketing requirements for a product including target environment, performance criteria and competitive issues. Provides product expertise to the marketing process.
  • Prepare and present RFC documentation to Configuration Control Board (CCB) when required in order to perform necessary administrative actions on Smart Connectors, Connector Appliances, and Logger Appliances
  • Effective organizational, writing, and communication skills.
  • Participates in identifying business requirements; ensures delivered solutions meet performance expectations.
  • Recommends program/project release schedules based on knowledge of software development life cycle; delivers functionality and ensures the integrity of the overall system.
  • The candidate will be required to create Requests for Change (RFC's) and defend the proposed solutions impact to the CCB.
  • Develops and implements guidelines for deployment of product.
  • Performs document reviews to ensure effective and appropriate environment changes and demonstrates ability to escalate needs when necessary.
  • A requirement of this position is that all candidates submit sanitized writing samples demonstrating previous engineering work and documentation experience as a part of the selection process


Essential Job Functions

  • Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
  • Provides complex engineering analysis and support for firewalls, routers, networks and operating systems. Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment. Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security.
  • Oversees user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwords.
  • Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.
  • Performs complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
  • Reviews, recommends and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
  • Provides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training.
  • Assesses the impact on the business unit/customer caused by theft, destruction, alteration or denial of access to information and reports to senior management.
  • Provides leadership and work guidance to less experienced personnel.
  • Bachelor's degree or equivalent combination of education and experience
  • Bachelor's degree in computer science or related field preferred
  • Seven or more years of experience in network, host, data and/or application security in multiple operating system environments
  • Experience deploying and maintaining SIEM tools (e.g., ArcSight, Splunk) in large enterprise-class environments across multiple enclaves.
  • Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
  • Experience working with internet, web, application and network security techniques
  • Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
  • Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
  • Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
  • Experience working with NIST Special Publications and C & A process methodology
  • Possess security certifications (CISSP, CCNA, etc.) and/or top secret security clearance
  • Candidate must hold an Active TS security clearance with SCI eligibility.


  • Good communication skills
  • Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
  • Ability to perform and interpret vulnerability assessments
  • Ability to administer the operations of a security infrastructure
  • Ability to balance and prioritize work

EEO Statement

AnaVation is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.