Position Description: SIEM/SOAR Engineer to manage and maintain the CSSP's Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. This role is responsible for administering an enterprise Elastic cluster while ensuring the performance, availability, and security of these critical systems. The engineer will leverage strong communication, analytical, and problem-solving skills to identify, communicate, and resolve issues, ultimately maximizing the effectiveness and value of CSSP security system investments.
Location: Onsite in Charleston, SC.
Clearance Required: Active Secret
Education Requirement: Bachelor's Degree; Area(s) of Study should be in Computer Science, Information Technology, or a related field, or possess equivalent professional experience.
Certification Required: DoD 8570 IAT Level II and DoD 8140 CSSP Auditor compliant certifications
Required Experience:
- A minimum of 3 years of experience in full-stack development, emphasizing DevSecOps practices.
- Proficiency in front-end technologies such as HTML, CSS, JavaScript, and frameworks (e.g., React, Angular).
- Proficiency in back-end technologies such as Node.js, Python, Ruby, Java, or .NET.
- Experience with databases (SQL and NoSQL) and AWS RDS.
- Strong understanding of DevSecOps practices and tools (e.g., Docker, Kubernetes, Git).
- Experience with CI/CD pipelines and automation tools.
- Knowledge of secure coding practices and security frameworks (e.g., OWASP).
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration skills.
- Ability to work in a fast-paced, Agile environment.
- Working knowledge and experience using APIs.
- Experience working in cloud platforms (specifically with AWS and Azure).
- Experience with the Atlassian tool suite.
- Knowledge of infrastructure-as-code (IaC) tools (e.g., Terraform, Ansible).
- Experience with container security pipeline development.
Responsibilities:
- Develop, test, and maintain web applications utilizing both front-end and back-end technologies.
- Integrate security into the development pipeline through DevSecOps practices.
- Collaborate with engineers, sustainment, security tools, and operations teams to bolster automation and security.
- Write clean, maintainable, and efficient code in adherence to best practices and coding standards.
- Build and sustain CI/CD pipelines for automating build, test, and deployment procedures.
- Implement and oversee security controls and monitoring systems.
- Address and resolve issues across development, testing, and production settings.
- Engage in Agile/Scrum activities, including daily stand-ups, sprint planning, and retrospectives.
- Document technical processes and security protocols.
- Work effectively in a team-based, collaborative setting.