Security Information Event Manager; SIEM Administrator
Listed on 2026-07-13
-
IT/Tech
Cybersecurity, Systems Administrator
Job Type: Full-Time/Onsite
Clearance: Secret preferred
Must be a U.S. Citizen
Job SummaryA Security Information Event Manager (SIEM) Administrator is responsible for managing the organization’s security information and event management (SIEM) system using Splunk. This role involves implementing, maintaining, troubleshooting, and optimizing the SIEM system to ensure effective security monitoring and incident response.
Roles and ResponsibilitiesA qualified candidate will perform the following duties and responsibilities, but are not limited to:
- Implement, install, and troubleshoot Splunk Enterprise (SE) and Splunk Enterprise Security (ES) systems.
- Maintain and administer SE and ES configurations, indexes, apps, and knowledge objects.
- Monitor system health, capacity, and performance to proactively address issues.
- Configure new data inputs to expand data collection capabilities.
- Create security dashboards, reports, alerts, and notifications.
- Collaborate with system administrators to enhance security monitoring capabilities.
- Perform updates and patches on the Splunk platform.
- Audit and review security practices to prevent security incidents.
- Maintain documentation of system configurations and changes.
- High School Diploma.
- At least 4+ years of system, network administration, or developer experience and 2+ years of Splunk administration. A Bachelor's degree in Computer Science can be considered in lieu of the 4 years of system/network admin or developer experience.
- IAW DoD 8140.03-M, must meet the Intermediate Proficiency Level qualifications.
- IAM-II Certification (one or more of the following): CISM, CISSP (OR ASSOCIATE), GSLC, CCISO, CAP, CASP+ CE, HCISSP.
- Must have Splunk Enterprise Certified Admin credential.
- Must have experience administering Linux servers.
- Must have experience with SIEM Content Development.
- Demonstrated experience of strong analytical and problem‑solving skills.
- Excellent communication and collaboration skills.
- Red Hat Linux administrator certification.
- Experience with Splunk Enterprise Security.
- Experience in a virtualized environment.
- One or more relevant CND certifications: CISSP, CASP+ CE, SSCP, CySA+, CEH, or GCIH.
- Typical office environment.
- Not required.
The projected compensation range for this position is $ to $ (annualized USD). All regularly scheduled employees working at least 30 hours per week are eligible to participate in Castalia Systems’ benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits.
DisclaimerCastalia Systems is an equal employment opportunity and affirmative action employer and strives to comply with all applicable laws prohibiting discrimination based on race, color, creed, sex, sexual orientation, age, national origin, or ancestry, physical or mental disability, veteran status, marital status, HIV-positive status, as well as any other category protected by federal, state, or local laws. All such discrimination is unlawful, and all persons involved in the operations of the company are prohibited from engaging in this type of conduct.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).