SIEM Analyst Security Clearance
Smyrna, Cobb County, Georgia, 30081, USA
Listed on 2026-02-18
IT/Tech
Cybersecurity, Security Manager
Position Overview
The SIEM Analyst is responsible for supporting the management, optimization, and continuous monitoring of Security Information and Event Management (SIEM) systems within Department of Defense (DoD) environments. The role focuses on reviewing, validating, and optimizing SIEM log sources, rule configurations, and system deployment metrics to ensure comprehensive and efficient threat detection. The SIEM Analyst will collaborate with cybersecurity teams to develop processes and Standard Operating Procedures (SOPs) for effective SIEM log management, incident detection, and threat response.
This position requires strong analytical skills, attention to detail, and a proactive approach to SIEM management and improvement. The ideal candidate will have experience with log analysis, configuration validation, and the identification of security misconfigurations in a SIEM environment. This is a hybrid position: three days on-site and two days working from home.
Key Responsibilities
- Develop and Document SIEM Processes and SOPs:
Within three (3) months of contract award, assist in developing and documenting a process and SOP for the regular review and validation of SIEM logs and sources. Define procedures for identifying SIEM misconfigurations, evaluating SIEM rules, and generating reports on system deployment metrics such as active log source counts, log types, entities, and rules reviewed or modified.
- SIEM Log Source Review:
Regularly review and validate SIEM log sources in collaboration with cybersecurity experts to build or update asset profiles. Use these profiles to assess system risk and criticality, leveraging data from Mission Assurance, the Configuration Management Database (CMDB), and other resources.
- Establish and Maintain SIEM Log Review Schedules:
Implement and manage a regular schedule for reviewing SIEM logs based on system sensitivity and risk profiles. Perform reviews daily, weekly, or monthly, depending on the system's criticality.
- Conduct Weekly SIEM Log Reviews, focusing on identifying:
  - Unusual system behavior
  - Deviations from established baselines
  - Configuration changes
- Incident Reporting and Collaboration:
Monitor and relay any anomalous or potentially malicious activity detected in the SIEM to Cyber Operations (Cyber Ops) Analysts, and communicate findings promptly to cybersecurity leadership so that security issues are acted on without delay.
- Continuous SIEM Rule Assessment:
Conduct regular evaluations of SIEM rules to ensure their effectiveness in identifying potential security threats. Review 10-15 SIEM signatures monthly to confirm they are still relevant and effective. Work with the ISSM, ISO, and Cyber Ops Analysts to identify SIEM rules that need optimization to improve detection accuracy and reduce false positives.
- Log Source Configuration Validation:
Validate the configuration of log sources to ensure that all relevant security data is collected, ingested, and processed by the SIEM. Identify any missing or misconfigured log sources and create incident records (IRs) assigning them to the SIEM team for resolution.
- Documentation and Reporting:
Maintain detailed documentation of SIEM configurations, rule assessments, and incident reports. Generate and present reports with system deployment metrics to cybersecurity leadership, focusing on log source counts, rule modifications, and overall SIEM performance.
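The log-source validation, deployment-metrics and rule-assessment duties listed above, worked through as an added example. This is illustrative code written for this page, not part of the posting or of any SIEM product. The asset inventory, SIEM source export, alert dispositions, rule names, field names and policy thresholds are all constructed assumptions; a real deployment would pull the inventory from the CMDB and the source status from the SIEM's own export.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumed policy values: review cadence and the longest silence tolerated
# from a log source, keyed by asset criticality. A real SOP would set these.
POLICY = {
    "high":   {"review": "daily",   "max_silence": timedelta(hours=1)},
    "medium": {"review": "weekly",  "max_silence": timedelta(hours=24)},
    "low":    {"review": "monthly", "max_silence": timedelta(days=7)},
}

def _ts(s):  # parse a constructed 'YYYY-MM-DD HH:MM' timestamp as UTC
    return datetime.fromisoformat(s).replace(tzinfo=timezone.utc)

# Constructed asset inventory (stand-in for CMDB / Mission Assurance data).
ASSETS = [
    {"host": "dc01",  "criticality": "high",   "expected": ["windows_security", "sysmon"]},
    {"host": "web01", "criticality": "medium", "expected": ["windows_security", "iis"]},
    {"host": "fs02",  "criticality": "low",    "expected": ["windows_security"]},
]

# Constructed SIEM log-source export; field names are hypothetical.
SIEM_SOURCES = [
    {"host": "dc01",     "log_type": "windows_security", "enabled": True,  "last_event": _ts("2026-02-18 11:50")},
    {"host": "dc01",     "log_type": "sysmon",           "enabled": True,  "last_event": _ts("2026-02-17 09:00")},
    {"host": "web01",    "log_type": "windows_security", "enabled": False, "last_event": _ts("2026-02-18 11:00")},
    {"host": "fs02",     "log_type": "windows_security", "enabled": True,  "last_event": _ts("2026-02-18 03:00")},
    {"host": "legacy01", "log_type": "syslog",           "enabled": True,  "last_event": _ts("2026-02-18 11:58")},
]

# Constructed analyst dispositions for one month of alerts (hypothetical rule names).
ALERTS = (
    [{"rule": "brute_force_logon", "disposition": "true_positive"}] * 8
    + [{"rule": "brute_force_logon", "disposition": "false_positive"}] * 2
    + [{"rule": "scheduled_task_created", "disposition": "false_positive"}] * 20
)
RULES = ["brute_force_logon", "scheduled_task_created", "new_local_admin"]

NOW = _ts("2026-02-18 12:00")

def validate_log_sources(assets, sources, now=NOW):
    """Compare the sources each asset profile expects with what the SIEM ingests.
    Each finding carries criticality so an IR can be prioritised."""
    by_key = {(s["host"], s["log_type"]): s for s in sources}
    expected_keys, findings = set(), []
    for asset in assets:
        limit = POLICY[asset["criticality"]]["max_silence"]
        for log_type in asset["expected"]:
            key = (asset["host"], log_type)
            expected_keys.add(key)
            src = by_key.get(key)
            if src is None:
                issue = "missing"      # never onboarded to the SIEM
            elif not src["enabled"]:
                issue = "disabled"     # onboarded but switched off
            elif now - src["last_event"] > limit:
                issue = "stale"        # enabled but silent longer than policy allows
            else:
                continue
            findings.append({"host": asset["host"], "log_type": log_type,
                             "criticality": asset["criticality"], "issue": issue})
    # Sources the SIEM has but the inventory does not: no asset profile, so the
    # risk/criticality is unknown and the profile itself needs updating.
    for (host, log_type) in by_key:
        if (host, log_type) not in expected_keys:
            findings.append({"host": host, "log_type": log_type,
                             "criticality": "unknown", "issue": "orphaned"})
    return findings

def deployment_metrics(sources, findings, now=NOW, active_window=timedelta(hours=24)):
    """Figures for the leadership report: active source count, log types, findings by issue."""
    active = [s for s in sources if s["enabled"] and now - s["last_event"] <= active_window]
    return {
        "total_sources": len(sources),
        "active_sources": len(active),
        "log_types": sorted({s["log_type"] for s in sources}),
        "sources_by_log_type": dict(Counter(s["log_type"] for s in sources)),
        "findings_by_issue": dict(Counter(f["issue"] for f in findings)),
    }

def assess_rules(alerts, rules, min_precision=0.2):
    """Per-rule precision from analyst dispositions. A rule that never fires may be
    broken (verify coverage); one that fires only on false positives needs tuning."""
    counts = {r: Counter() for r in rules}
    for a in alerts:
        counts[a["rule"]][a["disposition"]] += 1
    report = {}
    for rule, c in counts.items():
        fired = sum(c.values())
        precision = c["true_positive"] / fired if fired else None
        action = "verify_coverage" if fired == 0 else ("tune" if precision < min_precision else "keep")
        report[rule] = {"fired": fired, "precision": precision, "action": action}
    return report

if __name__ == "__main__":
    findings = validate_log_sources(ASSETS, SIEM_SOURCES)
    for f in findings:
        print(f"IR candidate [{f['criticality']}] {f['host']}/{f['log_type']}: {f['issue']}")
    print(deployment_metrics(SIEM_SOURCES, findings))
    print(assess_rules(ALERTS, RULES))
```

The staleness threshold is tied to criticality on purpose: an hour of silence from a domain controller is an IR, while a week from a low-criticality file server is not. The "orphaned" finding is the reverse check and is easy to forget: a source the SIEM ingests that no asset profile claims has no owner and no risk rating, so it should trigger a profile update rather than be left to accumulate unreviewed events.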
Qualifications
- Experience: 3-5 years in cybersecurity or a related role, with hands-on experience managing SIEM systems.
- Skills: Strong understanding of log analysis, rule-based threat detection, and incident response processes; familiarity with DoD cybersecurity policies and standards.
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
- Certifications: Must meet DoD 8140/8570 IAT Level II certification requirements, plus one or more of CompTIA Security+, Cisco CCNA Security, GIAC Security Essentials (GSEC), or CompTIA CySA+.
- Clearance: Active DoD Secret clearance required.