
Security Information and Event Management (SIEM) Administrator


Nimbis Services, Inc. is still growing, and we are looking for a Senior Security Information and Event Management (SIEM) Administrator to work from our office in Bowie, MD. The SIEM administrator serves as a member of the Information Assurance team and is part of the cross-functional team at Nimbis supporting the Air Force Research Laboratory Trusted Silicon Stratus Distributed Transition Environment (TSS-DTE). The SIEM administrator will support the Director of Information Assurance to ensure that the software development life cycle (SDLC) engineering design, development, testing, and implementation of the TSS-DTE AWS GovCloud environment comply with DoD Risk Management Framework (RMF) and FedRAMP certification goals. As the SIEM subject matter expert (SME), the administrator will interact with DevSecOps and other Cybersecurity Engineering team members to gather data source requirements, perform troubleshooting, and create SIEM search queries and dashboards, and will leverage industry best practices to ensure SIEM IA requirements integrate with the DevSecOps CI/CD automation, interoperability and scalability of the engineering cybersecurity solutions. The SIEM administrator is responsible for recognizing and onboarding new data sources into the SIEM, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The SIEM administrator must have working experience in a Linux environment, editing and maintaining SIEM configuration files and apps.

The SIEM administrator maintains IAT Level II/III certification in accordance with the provisions of DoD Directive 8570.01-M. The SIEM administrator will ensure that logs are collected from systems and devices across the architecture into Splunk for analysis, will assess the impact of incidents and events on systems (critical, sensitive data), and will provide direction to the system and network administrators. The administrator will be responsible for creating and maintaining documentation to support the RMF accreditation process, and for writing the DoD RMF/FedRAMP plans identified in NIST SP 800-53, such as access control plans, configuration management plans, system security plans, incident response plans, etc. The SIEM administrator will be required to interact with senior management as necessary.


US Citizen Status is required for this position with potential clearance in the future.


Primary Responsibilities

  • Performs advanced analysis of log files, threat vector indicators, vulnerability analysis, external reports, and internal guidance to identify false-positive and actual positive events.
  • Creates queries, dashboards, and visualizations to support customer requirements and monitoring of the SIEM deployment. Assists the incident response team in investigating alerts along with opportunities to automate and tune response activities.
  • Provides recommendations to network and system administrators to ensure audit configurations are optimized to meet Cyber requirements. Coordinates with network administrators to tune IDS/IPS devices.
  • Identify and integrate internal and external data sources, perform analysis of data trends, create queries and maintain SIEM dashboards.
  • Conducts cybersecurity engineering by generating recommendations, designing, implementing, and transitioning solutions to improve cybersecurity posture, allow for mission assurance, and comply with all DoD policies.
  • Gather artifacts and conduct application assessments to support DoD RMF and FedRAMP certification.
  • Support system integration, system evaluation and analysis, site surveys, verification and validation, cost and risk, and supportability and effectiveness analyses for total systems and architectures.
  • Conduct advanced research and analysis of current systems to develop strategic implementation plans and designs, document and mitigate risks as well as lessons learned, and provide regular updates.


Job Closing Date:
Position is open until filled.



Required Qualifications

  • Bachelor’s Degree or equivalent number of years’ experience.
  • 2+ years of information security experience, ideally with a focus on cloud solutions
  • 4+ years of experience in a senior SIEM role
  • 3+ years of experience in Linux and SQL/ODBC interfaces
  • A clear understanding of security protocols and standards, and experience with software security architectures.
  • Experience writing DoD RMF/FedRAMP cloud certification artifacts/documentation identified in the NIST 800-53 security control families, e.g. system security plans, incident response plans, access control plans, configuration management plans, etc.
  • Ability to clearly and concisely document Standard Operating Procedures and procedures.

Preferred Qualifications

  • Experience with cybersecurity systems design and operations in multi-enclave cloud environments.
  • Utilizing SIEM for Big-Data
  • Working experience with DoD IA-specific technologies/solutions: HBSS, ACAS/Nessus, McAfee EndPoint, LogRhythm, SolarWinds, Splunk, SCCM, Active Directory, Desktop EndPoint Solutions, and Identity Management (Okta)
  • Working knowledge of DevSecOps methodology


Certifications Preferred:

  • Splunk Enterprise Administrator
  • Splunk Core Power User
  • DoD 8570 IAT II/IAM II Level Certification (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CEH, CAP, CISSP or higher)
  • ITIL Foundations or Intermediate Certificates
  • Systems Cybersecurity Engineering Certificates
  • Agile, Lean/Six Sigma – Green Belt


Nimbis Services, Inc. is a privately held software company delivering web-based technical computer application services hosted on cloud and high-performance computing (HPC) platforms. Our software development environment is an open and collaborative one that is team oriented, creative and fun, with a focus on high integrity and customer satisfaction. Our goal is to outperform the competition in the areas of employment, service, security and safety. We strive to provide high quality products and services to our customers. We consider the employees of Nimbis to be our most valuable resource. The work and attitude of our employees are important to the success of Nimbis.

We offer competitive benefits that include a flexible work schedule, competitive salary and full benefits. The benefits include medical, dental, vision and 401K. In addition, you will receive paid time for holidays, vacation, sick days and end of year shutdown.

Nimbis Services is an Equal Employment Opportunity (EEO) Employer.

Applicants have rights under Federal Employment Laws: Equal Employment Opportunity (EEO), Family and Medical Leave Act (FMLA), Employee Polygraph Protection Act (EPPA).

If you are interested in joining the team, please fill out our online application. We look forward to talking to you further!