Skyline is on the lookout for a Senior SIEM Engineer to join our vibrant, engaging and growing team in Maryland. Take your talents to a whole new level while providing important and meaningful contributions to our organization.

Core Responsibilities:

  • SIEM Project Engineering, Implementation, and Support
    • Act as a security information and event management (SIEM) system Subject Matter Expert (SME) to architect, engineer, implement, and support organization and customer projects.
    • Interact with stakeholders in gathering requirements, onboarding data sources, configuration, and optimization of the SIEM suite of tools including products such as Splunk Enterprise Security.
    • Design and develop custom complex search queries to promote and support advanced searching, forensics, and analytics.
    • Design and develop dashboards, data models, reports, visualizations, and perform performance optimization.
    • Provide knowledge and ability to architect, design, support, and maintain high availability, distributed, multi-clustered and multi-tenant Splunk deployment environments.
    • Provide support for SIEM deployment and server infrastructure analysis, optimization, and capacity planning.
    • Provide support for onboarding and maintaining a wide variety of data sources to include various OS, appliance, and application logs.
    • Drive ongoing improvement of processes for integrating SIEMs and ingesting data.
    • Develop and provide documentation on SIEM architectures, technical designs, data flows, as-built documents, and SOPs.
    • Other duties as assigned.
  • Business Development
    • Assist with project Level of Effort (LoE) creation and scoping.
    • Serve as a SME on Splunk and other SIEMs to assist with business development proposals.
  • Internal Security Work Prioritization, Planning, and Scheduling Meetings
    • Attend project specific planning meetings for projects with a vested interest.
    • Attend weekly team planning meetings.
    • Attend daily standups.
  • Personal Growth and Development
    • Continual professional growth in the security field through the pursuit of Splunk and other vendor specific certifications.
    • Expand skillset in soft skills, leadership, and management through continual personal development, specifically using the Skyline library, participation in Skyline training, or additional methods.
    • Attend Splunk conferences for personal development and networking opportunities.
    • Attend One-on-Ones, performance management, and interviews.

Education and Experience Requirements

    • At least seven (7) years of experience in an information technology related field.
    • At least three (3) years of progressive experience in engineering, implementation, and support of security information and event management technologies.
    • Bachelor’s degree from an accredited college or university with a major in Cyber Security, Computer Science, Information Systems, Engineering or related scientific or technical discipline.
    • At least ten (10) years of experience in an information technology related field in lieu of Bachelor’s degree.

Technical Skills Requirements

    Required Skills/Certifications:

    • Strong demonstrated experience with Splunk and Splunk Enterprise Security.
    • Strong demonstrated experience with SIEM architecture, design, and implementation.
    • Demonstrated experience with operational and security hardening configuration for SIEM solutions.
    • Demonstrated experience with configuration management and change control for SIEM solutions.
    • Demonstrated experience managing and troubleshooting SIEM systems in Windows and various Linux distributions.
    • Scripting experience with one or more of the following languages: PowerShell, Bash, Shell, and/or Python
    • CompTIA Security+ certification
    • Splunk certifications, for example: Splunk Power User, Splunk Enterprise Admin, Splunk Enterprise Architect, and Splunk Enterprise Security Admin

    Desired Skills/Certifications:

    • Splunk Certified Core Consultant certification
    • Experience with cloud environments such as AWS, Azure, and/or GCP, and cloud security architecture.
    • Experience with other SIEM programs such as ELK and Azure Sentinel.
    • Experience in project task technical analysis, planning, and estimation.
    • Experience with technology capabilities market research, technical analysis/review, and recommendation.

About Skyline

Skyline is a full-service IT integrator, enterprise solutions provider, and product development organization headquartered in Maryland and serving clients throughout North America. 

Our mission is to enrich the lives of those we serve, while passionately creating solutions to complex problems. We strive to co-create value with employees, customers, partners, and our community in every interaction. 

We establish trusting relationships through capability, commitment, and consistency. We openly communicate, deepening relationships through mutual trust, respect, and grace; even in times of adversity. 

If you are looking to work for a company that cares deeply about its employees and clients, if you’re inspired by our mission and values, if you want to further develop yourself and others, please apply today!