Req: SIEM Engineer (Security Information and Event Management).
Location: Remote
Resource(s) Minimum Qualifications
1) BA/BS degree in Computer Science, Business Management, or an IT-related field (as
determined by the AOC)
2) Three (3) years’ experience with Azure Sentinel.
3) Three (3) years’ experience with Kusto Query Language.
4) One (1) year’s experience with Information Security.
5) Active Microsoft Security Operations Analyst Associate certification.
Offeror Resource(s) Skills, Experience, & Capabilities
Offeror shall propose resource(s) possessing the following mid- to expert-level preferred
skills, experience, and capabilities:
1) Recent experience with the administration and management of Microsoft Sentinel.
2) Experience developing, compiling, and executing KQL queries.
3) Strong aptitude to learn platforms, work with stakeholders, and understand and advise
on how to customize and maintain platforms to meet organizational business
needs.
4) Experience generating playbooks and using Azure Logic Apps for security orchestration,
automation and response.
5) Experience in querying, reviewing and providing contextual information from log data.
6) Proficient in the use of the M365 Office suite of tools.
7) Ability to establish and maintain effective working relationships with peers, end users and
vendor development staff, as well as all levels of management and judicial personnel as
necessary.
8) Ability to communicate clearly and lead technical discussions related to log data management and knowledge sharing.
Job Types: Full-time, Contract
Pay: $47.51 - $55.00 per hour
Expected hours: 8 per week
Experience:
- Linux: 1 year (Preferred)
- Cybersecurity: 1 year (Preferred)
- Information security: 1 year (Required)
Work Location: Remote