SIEM Engineer - TS/SCI | San Antonio, TX

To be successful in this role, Engineer will maintain and obtain certifications aligned with industry standards to enhance their expertise. They are expected to utilize problem-solving skills to find effective resolutions and to escalate complex issues promptly. Excellent communication skills are essential for this role, as these individuals will interact with clients regularly.

How you'll make an impact

• Execute all tasks outlined in the scope of work and follow standard operating procedures with no direct oversight. 

• Provide assistance for detailed view of notable events, workbook for open investigations, and risk analysis scoring system.

• Assist and recommend actions in security operations center tier I and tier II incident response incidents.

• Automate issue resolution and compliance reporting to lower time on detection, time on mitigation for security organizations.

Client Engagement

• Develop and maintain strong relationships with clients to ensure satisfaction.

• Adhere to availability standards for responding to client inquiries.

• Lead the communication of technical concepts effectively to clients.

• Identify and communicate cross-sell and up-sell opportunities with the account team across services.

What we're looking for

• Currently holds a Top Secret/SCI clearance.

• Experience operating in classified environments.

• Bachelor’s degree in a related area or at least 4 years of related work experience.

• Understanding of identity, SIEM, cybersecurity, and infrastructure concepts.

• Have a solid understanding of SIEM Technologies and LogRhythm’s Architecture preferred and the connection between all components to include Platform Manager, Data Processor, Data Collector, Data Indexer, AI Engine and System Monitor agents.

• Understanding of account management and role-based access controls (RBAC).

• Understanding of Information Security guidelines & frameworks such as NIST.

• Understands Log Ingestion and network / security logs.

• LR301 and LR306 certifications to help grasp administrative functions of the tool are preferred but not required.

• Security certification (i.e. SEC+, CISSP, or GSEC) required.

• Understanding of FedRAMP and IL constructs.

• Strong interpersonal skills and ability to work collaboratively in a team.

• Ability to clearly communicate complex messages to a variety of audiences.

• Excellent problem-solving skills with a keen attention to detail.

• #LI-NA1

• #CJ

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities.  For additional details on how Optiv + ClearShark uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.