Security Information and Event Management (SIEM) Lead

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.Overview Of PositionFEDITC is seeking an experienced, Security Information and Event Management (SIEM) Lead to support IT Security staff augmentation to develop plans to assess current cybersecurity state and develop processes for a fully implemented Zero Trust Architecture ZTA. In accordance with Executive Order (EO) 14028 (3)(b)(ii), plan to implement ZTA to strengthen the Cyber Hygiene and Security Posture for the Government Publishing Office (GPO).This is an upcoming opportunity with a projected start date of 1 September 2025. A United States Citizenship and Background Investigation NAC initiated is required to be considered for this position.ResponsibilitiesPreparation of Task Order Management Plans, cost analyses, activity and project tracking schedules, risk registers, and risk and issue mitigation strategies for all GPO SOC activities. This task consists of:Deployment of Defender for Endpoint agents to minimum threshold of Microsoft supported endpoint devices via Microsoft Intune or Active Directory (AD) Group Policy Objects (GPO)Identification of target endpoint machines, OS versions, and deployment methodCreation of DfE deployment scripts, including uninstallation of legacy EDR and anti-virus solutionsCreation of DfE support infrastructure to support mass deployment (i.e., storage accounts, authorization, etc.)Testing of DfE deployment scriptsDeployment of DfE agents to identified endpoint machines to scoped minimum threshold (percentage) of device endpointsVerification of onboarding and reporting Validate proper configuration to align with best practicesQualificationsExperience/Skills:Must possess a blend of technical cybersecurity skills, Microsoft Sentinel expertise, program/project management experience, and real-time security operations knowledge. "Candidate should be well qualified in 4 or more skills (desired) and corresponding experience"Minimum 3+ working with Microsoft Cloud environments Government Community Cloud GCC-H/GCC.Experience with Microsoft Sentinel (required), also desired are Splunk, QRadar, ArcSight, LogRhythm, ElasticExperience ingesting CEF, syslog, Windows Event Logs, JSON, XML Ability to parse and normalize logs for threat detectionFamiliarity with Azure Monitor, Log Analytics workspace, retention policiesAbility to recommend cost-optimized data tiering strategiesFamiliarity with MITRE ATT&CK framework, Threat Intelligence platforms (TIPs), Real-world threat hunting and IOC correlationHands on experience with Microsoft 365 Defender, Defender for Endpoint, Defender for Office, EDR/XDR platforms like Trellix (McAfee), CrowdStrike, SentinelOneActive Directory ExperienceExperience with Firewall and network security toolsStrong understanding of Zero Trust, Identity Protection, and privileged access monitoringEducationBachelor’s degree in Cybersecurity, Computer Science, Information Systems, or Engineering desired Desired CertificationsMicrosoft Certified: Security Operations Analyst AssociateMicrosoft Certified: Information Protection Administrator Associate Microsoft Certified: Azure Security Engineer Associate (AZ-500) CompTIA Security+ Certified SOC AnalystGIAC Security EssentialsClearanceMust have Minimum Background Investigation complete NAC. Must be a US Citizen.BenefitsPTOHoliday Pay401K with a 4% MatchMedical InsuranceDental InsuranceVision InsuranceGroup Life & AD&DVoluntary Life AD&DShort-term DisabilityLong-Term DisabilityHealth Savings AccountFlexible Spending Account (Health and Dependent)Critical Illness InsuranceAccident InsuranceHospital Indemnity InsuranceEmployee Assistance Program (EAP)FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran, FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.