Security Information Event Manager (SIEM) Administrator

CASTALIA SYSTEMS LLC
Halawa, United States of America
2 months ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$118K

Tech stack

Document Management Systems
Linux Servers
Network administration
Red Hat Enterprise Linux - RHEL
Security Information and Event Management
Information Technology
Splunk

Job description

A Security Information Event Manager (SIEM) Administrator is responsible for managing the organization's security information and event management (SIEM) system using Splunk. This role involves implementing, maintaining, troubleshooting, and optimizing the SIEM system to ensure effective security monitoring and incident response.

  • Implement, install, and troubleshoot Splunk Enterprise (SE) and Splunk Enterprise Security (ES) systems.
  • Maintain and administer SE and ES configurations, indexes, apps, and knowledge objects.
  • Monitor system health, capacity, and performance to proactively address issues.
  • Configure new data inputs to expand data collection capabilities.
  • Create security dashboards, reports, alerts, and notifications.
  • Collaborate with system administrators to enhance security monitoring capabilities.
  • Perform updates and patches on the Splunk platform.
  • Audit and review security practices to prevent security incidents.
  • Maintain documentation of system configurations and changes.

Requirements

  • High School Diploma.
  • At least 4 years of system or network administration or developer experience and at least 2 years of Splunk administration. A Bachelor's degree in Computer Science can be considered in lieu of the 4 years of system/network admin or developer experience.
  • IAW DoD 8140.03-M, must meet the Intermediate Proficiency Level qualifications.
  • IAM-II Certification (one or more of the following): CISM, CISSP (or Associate), GSLC, CCISO, CAP, CASP+ CE, HCISPP.
  • Must have Splunk Enterprise Certified Admin credential.
  • Must have experience administering Linux servers.
  • Must have experience with SIEM Content Development.
  • Demonstrated strong analytical and problem-solving skills.
  • Excellent communication and collaboration skills.

  • Red Hat Linux administrator certification.
  • Experience with Splunk Enterprise Security.
  • Experience in a virtualized environment.
  • One or more relevant CND certifications: CISSP, CASP+ CE, SSCP, CySA+, CEH, or GCIH.

Physical Requirements/Work Environment

  • Typical office environment.

Benefits & conditions

At Castalia Systems, we provide you with opportunities and choices and support your total well-being. Our benefits include: Medical, dental, vision coverage, 401k matching, generous PTO, paid holidays, professional training opportunities, and even pet insurance to ensure your furry friends are cared for too. All regularly scheduled employees working at least 30 hours per week are eligible to participate in Castalia Systems' benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits.

Salary at Castalia Systems is determined by various factors, including but not limited to location, position knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $106,000.00 to $118,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Castalia Systems' total compensation package for employees.

About the company

Castalia Systems is a proven business partner providing mission-critical solutions to the Federal Government. We provide cutting-edge solutions, from securing and managing data to systems engineering and development. Castalia Systems is a pioneer in Artificial Intelligence design and application. With our vast knowledge of our customers' needs and relevant technology, our team is able to bring successful solutions to every mission. We outpace our competitors by providing premium IT solutions and platforms with cutting-edge technology, and the difference is evident when you compare us with anyone.
