Security Information and Event Management (SIEM) Support Specialist
Washington, District of Columbia, United States
Full Time Mid-level / Intermediate Clearance required USD 52K - 123K * est.
eTelligent Group
We connect thought leaders together with experts to assist our customers to address challenges and solve problems.
Company Overview:
Over the past 15 years, eTel has delivered essential solutions for the federal government by securing and managing data, providing scalable identity access, modernizing legacy systems, and building high-performance platforms. By integrating new technologies and ensuring reliable operations, we help agencies stay prepared for future challenges. As a premier technology solutions and services company to the US federal government, eTel possesses longstanding relationships across the federal civilian marketplace, with especially strong ties to the Internal Revenue Service (IRS). Other customers include the broader Treasury Department, Commerce Department, and State Department.
eTel offers integrated CMMI Level 3 processes, tools, and techniques with innovative, cost-efficient, and secure solutions to address complex challenges. eTel also holds ISO 9001:2015, ISO/IEC 27001:2013, and ISO/IEC 20000-1:2018 certifications, and offers dedicated subject matter experts (SMEs) and thought leaders that possess a deep understanding of customers’ environments and challenges.
Position Summary:
Provide SIEM expertise to implement, manage, and tune security monitoring and analysis solutions (e.g., Microsoft Sentinel), ensuring full log coverage and robust threat detection and response capabilities.
Key Responsibilities:
- Oversee ingestion, normalization, and analysis of logs from diverse IT/OT systems.
- Consult on log storage, cost management, and architecture for scalable, efficient SIEM operations.
- Conduct continuous rule updates and baseline improvements for SIEM systems.
- Integrate threat intelligence, review hardening recommendations, and update standards agency-wide.
- Lead educational efforts (labs, workshops) on Azure/M365 cloud services security monitoring.
- Provide 24x7x365 monitoring of security events (endpoints, servers, network devices, user behaviors, Sentinel instances).
- Develop and implement automated response playbooks to accelerate incident investigation and handling.
- Collaborate with RMF/ISSO support and DfE specialist for cross-functional cybersecurity operations.
Required Qualifications:
- Bachelor’s degree and minimum 3 years of SIEM implementation/administration (preferably in GCC-H/GCC).
- Proficient with Microsoft Sentinel, Azure, and automation/orchestration tools.
- Experience with log analysis, cyber threat intelligence, incident response, and federal security reporting.
- Must be able to pass a GPO public trust background check.
Additional Requirements for All Key Personnel:
- General GCC-H/GCC Experience: All roles require a minimum of 3 years’ hands-on work with Microsoft Government Cloud (GCC-H/GCC) environments.
- Security Clearance: Ability to pass and maintain a GPO Public Trust background check.
- Eligibility for Telework: All FTEs may telework but must be available for all in-person meetings as required by GPO IT Security.
Commitment to Diversity:
eTelligent Group provides equal employment opportunities (EEO) to all applicants without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty, status as a covered veteran, and any other characteristic provided in accordance with applicable federal, state and local laws.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Azure Clearance Cloud Incident response Log analysis Monitoring RMF Security Clearance Sentinel SIEM Threat detection Threat intelligence
Perks/benefits: Team events