Cybersecurity SIEM (Security Information Event Management) Engineer

Advanced Technologies and Laboratories (ATL), a Planned Systems International (PSI) company, is hiring for a Cybersecurity SIEM (Security Information Event Management) Engineer. The Cybersecurity SIEM (Security Information Event Management) Engineer administers and tunes the technology required to detect and analyze cybersecurity threats for maximum value and effectiveness. The ideal candidate is a self-starter and strong collaborator with multiple years' experience installing and maintaining SIEMs and related components such as log aggregators and forwarders. Prior experience and/or familiarity with cybersecurity testing, incident response, or analysis is a plus. This position is located on NREL's Golden, CO campus or remote.

Duties Shall Generally Include: Operates and maintains SIEM tools and components, such as log aggregators, forwarders, and data observability systems. Tests, implements, and tunes new on-premises and cloud-based technical environments that support infrastructure visibility, analysis, automation, and secure data retention. Develops content that enables cybersecurity personnel to take maximum advantage of existing tool capabilities, including workflows, integrations, and automated tasks. Collaborates across Information Technology Services teams to integrate SIEM components with cybersecurity enrichment and analysis platforms and system management tools. Creates and maintains architectural documentation and operational procedures that describe the scope, purpose, configuration, use, and maintenance of the SIEM tools and environments. Contributes to projects (as assigned or independently) that improve the effectiveness and efficiency of a cybersecurity program, including but not limited to workflow improvements, automation expansion, management tool enhancements, program or strategic initiatives, and user awareness training

Related Bachelor's Degree and 5 or more years of experience. Or, related Master's Degree and 3 or more years of experience. Or, equivalent related education or experience.
• Ability to perform research, read documentation, and independently learn new skills.
• Must be a self-starter * Ability to work both alone and as part of a collaborative team
• Demonstrated skills in critical thinking and problem solving * Excellent written and verbal communication skills, including active listening, ability to prepare and deliver presentations, and clear written correspondence and documentation
• HSPD-12 compliant credential required.
• One or more professional security and/or systems engineering certifications, such as GIAC (SANS) certifications, Security+, CISSP, or training evidencing effort to attain future certification

• Experience includes at least 3 years in an Information Technology role working specifically in a SIEM engineering role, or a role that includes significant time performing SIEM engineering (tool selection, installation, and maintenance)
• Technical background in multiple disciplines, including experience with: Windows and Linux server and workstation system administration; TCP/IP networking concepts, Bash command-line expertise, network protocols and architecture; security measures/defense-in-depth
• Experience managing, and troubleshooting tools and significant infrastructure in a production (live) environment
• Experience dealing with common cyber security concepts and threats and describing them to others
• Intermediate scripting/programming ability with various languages, preferably Python, in support of security orchestration and automation
• Technology-specific experience or training/certifications with Splunk SIEM and Cribl is a plus
• Understanding of cloud security architecture (AWS/Azure/Google Cloud), event collection and aggregation a plus.

PSI offers full-time, benefits eligible employees a competitive total compensation package that includes paid leave, and options for employer sponsored group medical, dental, vision, short-term and long-term disability, life insurance, AD&D coverage, legal services, identity theft, and accident insurance. Flexible spending account and health saving account options offer pre-tax savings for qualified medical, dental, and vision expenses. The company sponsored 401(k) retirement plan has an employer contribution match that is immediately vested. We invest in the professional growth of our employees through professional courses, certifications, and tuition reimbursement programs.

It is company policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, color, religion, age, sex, sexual orientation, pregnancy, gender identity, genetic information, national origin, citizenship status, veteran status, protected veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.

Reasonable accommodations for applicants and employees with disabilities will be provided. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources by emailing HRDepartment@plan-sys.com, or by dialing 703-575-8400.