Job Openings >> SIEM Engineer / Architect.
SIEM Engineer / Architect.
Title:SIEM Engineer / Architect.
Location:Various (CONUS)

Netorian is seeking a SIEM Engineer / Architect.

Employment Type:

  • Full-Time, exempt.


  • Competitive, based on experience and qualifications.


  • Remote.


  • 25%


  • Master’s degree, or demonstrated experience and delivery in information security, data management or computer science


  • Active professional security certifications (i.e. CISSP), open source project, security research or design/framework contributions or other current initiatives around information management, data and content modeling and large data analytics.

Security Clearance:

  • All candidates must have an active DOD Top Secret Security Clearance and be SCI eligible
  • Must successfully pass a criminal background check and drug screening


  • 7-10+ years of applied technology experience in defining strategy around security monitoring, incident management, regulatory compliance and process improvement.
  • 5+ years hands on experience creating rules, alerts, content and reports within a complex SIEM environment.
  • 3+ years’ experience with hands on database engineering and support
  • Demonstrated expert level experience with HPE ArcSight, Splunk, and Hadoop, including log consolidation, correlation, content creation, workflow management and process improvement.
  • Excellent Unix / Linux skills required
  • Expert troubleshooting and break fix experience with SIEM environments required
  • Excellent written and verbal communication skills
  • Ability to rapidly understand client’s business strategies and possess the capability to apply creative problem-solving skills to deliver high impact solutions to meet their business needs.


  • Familiarity with Cyber Kill Chain methodologies
  • Familiarity with Windows WEF Framework
  • Understanding of Network Firewalls, Load Balancers and Complex System Designs
  • Proficient with Software Development Life Cycles (i.e. ITSA, etc)
  • Expertise in FLEXConnector framework development and strong Regex skills required
  • Good command on Python, Perl, SQL, Regex and Shell Scripting is preferred
  • Experience installing and maintaining open source log capture technologies such as Syslog-NG, Snare, LogStash, MSCOM etc is preferred
  • Ability to rapidly understand client’s business strategies and possess the capability to apply creative problem solving skills to deliver high impact solutions to meet their business needs.

Description of Work:

The SIEM Engineer/Architect is a client-facing role, responsible for architecting SIEM solutions to improve the security value, service management, and scalability for our clients. A working knowledge of SIEM, threat trends and vectors, and IT/IS architectural design are required. The SIEM Engineer/Architect works under the supervision of Master SIEM Architects and Management while partnering with the client to deliver robust SIEM designs and implementations.

The SIEM Engineer/Architect works closely with the client to understand the current and target state of the SIEM and insure effective and efficient incident identification, resolution and root-cause analysis is leveraged through productive implementation of the platform.

The successful candidate will be a strong technologist with a practical mind and creativity. The candidate must be able to effectively collaborate with the client’s Information Security and IT/IS teams and Master Architects to deliver optimal results for the client. Additionally, the candidate must be able to clearly and successfully communicate with a demonstrated understanding of business and technical requirements of the client.

Duties and responsibilities include:

  • Align with client needs, threat trends, and operational performance to identify opportunities for improvement/enhancement of their security operations center and infrastructure.
  • Partner with the client to evaluate existing log & data domains, SIEM processes and tools and effectiveness measures to identify critical elements, weaknesses and opportunities for improvement.
  • Work independently and in concert with others to architect solutions that have a measurable impact on security value, service management and client satisfaction.
  • Creation of architecture diagrams, workflow models and proposals/presentations to key stakeholders who have a wind range of business, security and IT experience.
  • Deliver high-level plans for architecting recommended solutions.
  • Coordinate with the client and key stakeholders to gather requirements and design the solutions to support those requirements.
  • Develop and create reference architectures and models with proper documentation.
  • Architect solutions to drive salability, efficiency and automation, which may include changes to people, process and technology.
  • Provide remote consulting services via interactive client sessions to assist with implementation, support, and usage of multiple product vendors and technologies.
  • Perform other duties as assigned.

Organizational Alignment:

  • Role reports to Master Architect. It is a client Facing role that requires client travel. Requires working closely with Client IT Security and IT/IS Functions in addition to Netorian’s internal team. This role does not have any direct reports.


Powered by ApplicantStack
Netorian, LLC
210 Research Boulevard, Suite 160
Aberdeen, MD 21001
+1 (844) 638-6742
Netorian Logo
ISO logo

Committed to Quality - ISO 9001:2015 certified.