Principal SIEM Engineer (ArcSight & Splunk)

Washington, District of Columbia, United States

Capgemini

A global leader in consulting, technology services and digital transformation, we offer an array of integrated services combining technology with deep sector expertise.


Capgemini Government Solutions (CGS) LLC seeks a highly motivated SIEM engineer with experience handling both ArcSight and Splunk. The ArcSight/Splunk Engineer will be responsible for configuring the collection, parsing, correlation, and visualization of events for a critical operational system. The candidate must demonstrate solid skills in system administration, log management, event correlation, and threat detection, and will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine whether the systems being supervised are operating normally. The individual will lead efforts to configure the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. They will also support the integration of resources across teams to better define the audit data being collected, in order to eliminate false positives and false negatives from the data.

The successful applicant will have the opportunity to apply and grow their skills, work with a motivated and entrepreneurial team, engage with a wide range of collaborators, and build CGS’ capabilities to serve our clients.

Job Responsibilities

As a Principal SIEM Engineer (ArcSight & Splunk), you will be:

  • Responsible for the design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
  • Responsible for configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
  • Responsible for fixing ArcSight or Splunk dataflow issues between the various event flow components
  • Responsible for configuring and deploying data collection for a variety of operating systems and networking platforms
  • Responsible for creating dashboards and analytics within SIEM tools
  • Working with monitoring systems supporting auditing, incident response, and system health
  • Responsible for understanding networking components and devices, ports, protocols, and basic network troubleshooting steps

Required Qualifications:

  • US citizenship is required.
  • Top Secret with SCI eligibility.
  • Bachelor's degree in information technology, Computer Science, Information Systems, related field, or equivalent experience.
  • A minimum of 8 years of related cybersecurity experience.
  • A minimum of 4 years of proven ability with either ArcSight or Splunk
  • Experience in design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
  • Experience with configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
  • Experience with fixing ArcSight or Splunk dataflow issues between the various event flow components
  • Experience configuring and deploying data collection for a variety of operating systems and networking platforms
  • Experience creating dashboards and analytics within SIEM tools
  • Experience working with monitoring systems supporting auditing, incident response, and system health
  • Understanding of networking components and devices, ports, protocols, and basic network troubleshooting steps
  • The ability to solve issues with log feeds, search time, and field extractions
  • The ability to solve problems related to data solutions.

Desired Qualifications:

  • Network Security Operations Center (SOC) experience
  • Experience and talent in data correlation
  • Experience creating workflows for Incident Response within a SIEM Tool
  • GIAC Certified Incident Handler Certification
  • GIAC Cyber Threat Intelligence Certification
  • Cybersecurity certifications
  • Formal SIEM training

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.

Get the future you want | www.capgemini.com

Disclaimer

All qualified applicants will be considered for employment based on their skills, and merit.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is [recruiter to insert salary range].

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.
