Nimbis Services, Inc. is still growing, and we are looking for a Senior Security Information and Event Management (SIEM) Administrator to work from our office in Bowie, MD. The SIEM administrator serves as a member of the Information Assurance team and supports the cross-functional team at Nimbis that supports the Air Force Research Laboratory Trusted Silicon Stratus Distributed Transition Environment (TSS-DTE). The SIEM administrator will support the Director of Information Assurance to ensure TSS-DTE AWS Gov Cloud environment software development life cycle (SDLC) engineering design, development, testing, and implementation complies with DoD Risk Management Framework (RMF) and FedRAMP certification goals. As the SIEM subject matter expert (SME), the administrator interacts with DevSecOps and other Cybersecurity Engineering team members to gather data source requirements, perform troubleshooting, and create SIEM search queries and dashboards. The administrator leverages industry best practices to ensure SIEM IA requirements integrate with the DevSecOps CI/CD automation, interoperability and scalability of the engineering cybersecurity solutions. The SIEM administrator is responsible for recognizing and onboarding new data sources into the SIEM, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The SIEM administrator must have working experience in a Linux environment, editing and maintaining SIEM configuration files and apps.
The SIEM administrator maintains IAT Level II/III certification in accordance with the provisions of DoD Directive 8570.01-M. The SIEM administrator will ensure that logs are collected from systems and devices across the architecture into Splunk for analysis. The administrator assesses the impact of incidents and events on systems (critical, sensitive data) and provides direction to the system and network administrators. The administrator will be responsible for creating and maintaining documentation to support the RMF accreditation process, and for writing DoD RMF/FedRAMP plans identified in NIST SP 800-53, such as access control plans, configuration management plans, system security plans, incident response plans, access control, configurations, etc. The SIEM administrator will be required to interact with senior management, as necessary.
US Citizen Status is required for this position with potential clearance in the future.