$125K - 152K a year
The SIEM Engineer III provides senior-level engineering support for enterprise monitoring platforms, focusing on designing, deploying, and optimizing SIEM solutions. This role ensures reliable log ingestion, accurate detections, and effective compliance reporting.
Candidates must be U.S. citizens with the ability to obtain a DOE 'L' clearance or DoD Secret clearance. A minimum of 5 years of experience in cybersecurity engineering, including 3+ years in SIEM engineering, is required.
ECS is seeking a SIEM Engineer III to work remotely.

Overview

The SIEM Engineer III provides senior-level engineering support for enterprise monitoring platforms within the federal energy sector. This role focuses on designing, deploying, and optimizing SIEM solutions to meet Information Security Continuous Monitoring (ISCM) and DHS Continuous Diagnostics and Mitigation (CDM) requirements. The position supports security operations by ensuring the platform delivers reliable log ingestion, accurate detections, and effective compliance reporting.

Core Capabilities

* Lead the design, deployment, and tuning of enterprise SIEM platforms (Splunk, Elastic, or similar).
* Architect and maintain integrations with enterprise systems, cloud platforms, and security tools (EDR, IDS/IPS, firewalls, threat intel feeds).
* Conduct advanced system health checks, performance tuning, and capacity planning.
* Automate SIEM processes using scripting (Python, PowerShell, Bash).
* Support SOC analysts by developing detections, dashboards, and use cases.
* Ensure platform documentation, configuration baselines, and procedures meet compliance standards.
* Collaborate with federal stakeholders to align SIEM capabilities with ISCM/CDM reporting requirements.

Salary Range: $125,000 - $152,000

General Description of Benefits [https://ecstech.com/careers/benefits]

Qualifications

* U.S. Citizenship
* Ability to obtain and maintain a DOE “L” clearance or DoD Secret clearance with reciprocity
* Minimum 5 years of experience in cybersecurity engineering, including 3+ years dedicated to SIEM engineering
* Hands-on expertise with at least one enterprise SIEM (Splunk, Elastic, QRadar, or LogRhythm)
* Experience onboarding diverse log sources (network, endpoint, cloud, SaaS) and tuning correlation rules
* Strong scripting skills (Python, PowerShell, Bash) for automation and integration
* Familiarity with federal cybersecurity standards (FISMA, NIST 800-53, ISCM, CDM)
This job posting was last updated on 9/23/2025