SIEM - SOAR Engineer


  • Fort Meade, MD
  • Permanent
  • Full-time
  • 2 months ago
We are seeking a security analyst with knowledge and experience in networking, security event monitoring and intrusion detection. The primary responsibility is to identify and investigate anomalous host and network activity through continuous monitoring. This job function includes triage and categorization of potential events and incidents; initial evidence collection; case creation; coordination and hand-off to other teams as necessary; and testing, integrating, deploying and maintaining SIEM and SOAR technologies and other products as necessary. Additional responsibilities include configuring various security systems to aid in the discovery of Indicators of Compromise (IOCs), using threat intel and hunting without IOCs, and developing or contributing to documentation such as standard operating procedures, playbooks, briefings and executive reports. Must be extremely motivated with an investigative mindset and an absolute passion for catching and stopping malicious threat actors. The ideal candidate is a self-starter with a strong understanding of network security tools, attack methodologies, operating systems, general networking, and enterprise security environments. The focus of this position is managing, protecting and defending the Department of Defense Information Network (DoDIN).

  • A Bachelor’s Degree in computer engineering, computer science, or another closely related IT discipline.
  • At least 5 years of direct experience performing hands-on network monitoring and intrusion detection in an enterprise environment.

One of the following certifications is required:
  • CompTIA Security+
  • CEH: Certified Ethical Hacker
  • GIAC: Certified Intrusion Analyst
  • CISSP: Certified Information Systems Security Professional

Skills and experience:
  • Good interpersonal, organizational, writing, communications and briefing skills.
  • Strong analytical and problem-solving skills.
  • In-depth knowledge of TCP/IP networking and network protocols.
  • Real-time network monitoring using a Security Information and Event Management (SIEM) platform.
  • Experience with raw packet analysis (PCAP).
  • Experience using a broad variety of network defense/monitoring tools in the context of an analyst.
  • Experience investigating security alerts, logs and raw data to determine whether an event is a false positive or a legitimate security concern.
  • Experience consolidating and conducting comprehensive analysis of threat data obtained from proprietary and open source resources to provide indications and warnings of impending attacks against networks.
  • Experience creating reports from large amounts of data.
  • Experience with event escalation.
  • Knowledge of computer intrusion methodology and intrusion analysis/investigation methodology.
  • Ability to interface with and describe security concerns to users, customers, and senior leadership.

Must be a US citizen and have at least a SECRET clearance.

Must be able to obtain, maintain and/or currently possess a security clearance.

Ready for action? We’re looking for the kind of people who see this opportunity and don’t hesitate to act. Parsons is a leader in the world of Technical Services and Engineering. We hire people with a broad set of technical skills who have proven experience tackling some of the greatest challenges. Take your next step and apply today.