ECS · 22 hours ago
SIEM Infrastructure and Detection Engineer
ECS is a leading mid-sized provider of technology services to the United States Federal Government. They are seeking a SIEM Infrastructure and Detection Engineer to support a federal energy sector cybersecurity program by engineering, maintaining, and optimizing the SIEM infrastructure and security monitoring platform.
Tags: Artificial Intelligence (AI), Cloud Infrastructure, Compliance, Consulting, Cyber Security, Information Technology, Machine Learning, Security, Software
Responsibilities
Lead the design, deployment, and monitoring of enterprise SIEM platforms (e.g., Splunk, Elastic Stack)
Architect, implement, and maintain integrations with enterprise systems, cloud environments, and security tools (e.g., EDR, IDS/IPS, firewalls, TIP)
Develop and optimize dashboards, alerts, and data pipelines
Automate platform tasks and SIEM processes using scripting (e.g., Python, PowerShell, bash)
Monitor and tune platform performance to ensure high availability and accuracy of security data
Troubleshoot and resolve platform-related issues in coordination with analysts and engineers
Collaborate with federal stakeholders to align SIEM capabilities with ISCM and CDM reporting requirements
Maintain documentation of platform configurations, standard operating procedures, and system baselines
Qualifications
Required
U.S. Citizenship with ability to obtain and maintain a DOE “L” clearance
Hands-on experience with at least one enterprise SIEM platform (Splunk, Elastic, QRadar, or LogRhythm)
Experience integrating SIEM with enterprise IT systems, cloud platforms, or endpoint detection tools
Experience onboarding diverse log sources (network, endpoint, cloud, SaaS) and tuning correlation rules
Proficiency in scripting (Python, PowerShell, or Bash) for automation and data integration
A Bachelor's degree or equivalent and a minimum of 5 years of experience in cybersecurity engineering and security monitoring, including 3+ years dedicated to SIEM engineering
Preferred
Advanced Splunk engineering experience (indexer/search head clustering, CIM compliance, custom TAs)
Experience with Elastic Stack (Elasticsearch, Logstash, Kibana) deployment and management
Familiarity with SOAR integration and orchestration for automated response
Experience with configuration management tools (e.g., Ansible, Terraform, Chef, Puppet)
Familiarity with Zero Trust principles and cloud security architectures (AWS, Azure, GCP)
Exposure to OT/ICS environments within critical infrastructure
Strong understanding of federal cybersecurity frameworks (e.g., NIST SP 800-53, ISCM, CDM)
Relevant certifications such as Splunk Certified Admin, Elastic Engineer, or CISSP
Company
ECS
ECS is a fast-growing 4,000-person, $1.2B provider of advanced technology solutions for federal civilian, defense, intelligence, and commercial customers.
Funding
Current Stage: Late Stage
Total Funding: unknown
2018-01-31: Acquired
2015-04-10: Private Equity
Company data provided by crunchbase