SIEM Platform Engineer

Booz Allen Hamilton, Inc.

$77K — $176K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 1+ years of experience with SIEM platforms (e.g., Splunk, Elastic, Kibana)
  • Experience with data pipeline architectures for security operations
  • Proficient in using the Elastic Stack (Logstash, Elasticsearch, Kibana)
  • Knowledge of EDR or NDR solutions (e.g., CrowdStrike, Corelight)
  • Experience with deploying across cloud and on-premises using Kubernetes or OpenShift
  • Familiarity with Elastic Index Lifecycle Management (ILM)
  • TS/SCI clearance required

Responsibilities

  • Collaborate with clients to build a high-performing Elastic-based system
  • Aggregate logs into a unified format using Elastic Common Schema
  • Create effective visualizations and alerts for threat hunting
  • Maintain system infrastructure and troubleshoot issues
  • Work with vendors to identify best practices for deployment
  • Deploy system architecture within security requirements
  • Proactively identify problems or anomalous behavior

Benefits

  • People-first culture that emphasizes collaboration
  • Remote, hybrid, or onsite work models based on role requirements
  • Opportunities for continuous learning and development
  • Supportive work environment promoting engagement and communication
Full Job Description
SIEM Platform Engineer

The Opportunity:

Work with clients and peers to build a high-performing system using Elastic to aggregate logs from many systems into a single common schema. Use Elastic Common Schema (ECS) formatted fields, create quality visualizations and alerts that analysts can use for threat hunting, maintain infrastructure, and identify problems or anomalous behavior before they become a larger issue and can be actioned on. Work with the vendor to determine best practices for deployment and maintenance of system architecture and deploy within designated security requirements.

You Have:

  • 1+ years of experience with SIEM platforms, such as Splunk Enterprise Security, Elastic Security, Kibana, Sentinel, or Chronicle
  • Experience designing data pipeline architectures for security operations, including log collection, normalization, enrichment, and routing
  • Experience with Elastic Stack, Logstash, Elasticsearch, Kibana, and Beats, including installing, configuring, maintaining, upgrading, and troubleshooting these products
  • Knowledge of EDR, NDR, or full-packet capture solutions, such as CrowdStrike, Corelight, or Trellix
  • Knowledge of deploying platforms across cloud, on-premises, and disconnected environments using Kubernetes or OpenShift
  • Knowledge of Elastic Index Lifecycle Management (ILM)
  • TS/SCI clearance
  • HS diploma or GED

Nice If You Have:

  • Experience with stream processing or data brokering platforms such as Cribl, Kafka, Logstash, or Fluentd
  • Experience working with Docker, Kubernetes, and cloud containerization solutions, such as Elastic Cloud on Kubernetes (ECK)
  • Experience with DevSecOps CI/CD pipelines in IL5, IL6, or IL7 environments
  • Experience with Python or scripting languages for security automation
  • Security+, CISSP, CISSP-ISSEP, or CASP+ Certifications

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.

Work Model

Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

  • Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.
  • Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.
  • Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.
