Cybersecurity Architect

GDH Consulting
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 173K

Job location

Remote

Tech stack

Microsoft Windows
API
Amazon Web Services (AWS)
Audit Trail
Bash
Computer Security
Data Masking
Linux
Networking Hardware
Python
Key Management
Nagios
Network Architecture
Cloud Services
Reverse Proxy
Security Assertion Markup Language (SAML)
Security Information and Event Management
Systems Integration
Data Logging
Data Processing
Scripting (Bash/Python/Go/Ruby)
Fluentd
Kubernetes
Enterprise Integration

Job description

This position requires an experienced SIEM Engineer specializing in Coralogix platform administration to serve as the technical owner within a multi-tenant Security Operations Center environment. The role involves planning, implementing, configuring, and maintaining Coralogix instances while ensuring compliance with federal regulatory standards. The engineer will contribute to the evolution of security operations capabilities, focusing on detection, incident management, and platform integration at an enterprise scale.

  • Manage and administer the Coralogix platform within a shared multi-tenant SOC organization, including DataPrime, GROK/regex parsing rules, and alert configurations.
  • Design, implement, and operate enterprise log collection pipelines across various network architectures, leveraging tools like OpenTelemetry Collector, Fluentd, and reverse proxy solutions.
  • Develop detection engineering strategies, including creating and refining alert types such as threshold, anomaly, flow, and ratio alerts.
  • Oversee incident management processes, ensuring adherence to SLAs and effective response workflows.
  • Contribute to the broader SecOps technology stack by integrating detection, log management, and alerting tools with existing security infrastructure.
  • Implement log pipelines adhering to data masking, field redaction, and sensitive data handling requirements in compliance with federal regulations.
  • Collaborate with federal cybersecurity teams on logging architecture, audit log management, and ATO processes, ensuring compliance with NIST 800-53 AU controls and OMB M-21-31 standards.
  • Manage and configure security integrations, including cloud-native APIs, endpoint telemetry, and network/security appliance logs, ensuring comprehensive visibility.
  • Support automation scripting using Python, Bash, or equivalent to streamline log pipeline operations and platform integrations.
  • Stay current on federal cybersecurity requirements, including FedRAMP and NIST guidelines, applying best practices to platform configuration and operational procedures.

Requirements

  • 10+ years of cybersecurity engineering experience with at least 5 years focused on SIEM platform engineering, administration, or log management.
  • Proven hands-on experience with Coralogix, including platform administration, DataPrime query language, alert development, and pipeline design.
  • Extensive experience architecting and managing enterprise-scale logging pipelines with tools such as OpenTelemetry Collector, Fluentd, or Fluent Bit.
  • Familiarity with onboarding diverse log sources, including cloud services (AWS CloudTrail, VPC Flow Logs, S3), Kubernetes, Windows/Linux endpoints, and network appliances.
  • Strong understanding of federal logging requirements, including NIST 800-53 AU controls and OMB M-21-31, with experience operating in regulated environments.
  • Technical skills in Coralogix platform features: TCO Optimizer, SSO/SAML configuration, API key management, and ML integrations.
  • Ability to script and automate tasks using Python, Bash, or similar tools for operational efficiency.
  • Experience working within federal or regulated environments emphasizing multi-tenant data security and compliance.
  • Excellent communication skills to convey technical decisions to non-technical stakeholders and promote platform adoption across teams.
  • Relevant certifications such as Coralogix Certified Engineer, GIAC (GCED, GCIH, GCIA), AWS Security Specialty, CISSP, CISM, or Security+ are preferred.
  • In compliance with federal law, all persons hired must verify their identity and eligibility to work in the United States and complete the required employment eligibility verification form upon hire. Candidates must be legally authorized to work in the United States without employer sponsorship, now or in the future.

About the company

At GDH, we believe in the power of people and the importance of caring. Our culture statement, "We care about people," isn't just a tagline - it's the core of everything we do. GDH is a premier staffing and talent solutions company dedicated to helping businesses find the best talent and assisting job seekers in finding their dream jobs.

Who We Are: GDH, founded in 2001, has grown into a leader in providing staffing solutions across various industries. We specialize in IT across several sectors, connecting top talent with leading enterprises. As a Best of Staffing firm recognized for excellence in client, employee, talent, and women's services, we pride ourselves on our commitment to quality and service.

GDH Benefits

GDH offers a range of employee benefits that are designed to promote well-being and help maintain a healthy work-life balance. These comprehensive benefits cover various aspects of an employee's life and aim to enhance their overall experience with the company. Our health benefits include three medical insurance options with access to KISx Card, Zero Card, and HealthJoy concierge services. Other plan offerings include dental, vision, life, disability, supplemental insurance, and pet insurance plans. Enjoy additional perks like holiday pay, 401(k) plan, direct deposit, an employee referral program, work-life balance benefits, a Wellbeats membership, a discounted gym membership program, and more! For more detailed information on benefits, please go to GDH's website under the tab for candidates.
