Security Information and Event Management (SIEM) Lead

Job Details Level: Experienced Job Location: Washington DC - U.S. Government Publishing Office (GPO) - Washington, DC Position Type: Full Time Education Level: 4 Year Degree Salary Range: $146000.00 - $160000.00 Salary Description

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.

Overview of position:

FEDITC is seeking an experienced, Security Information and Event Management (SIEM) Lead to support IT Security staff augmentation to develop plans to assess current cybersecurity state and develop processes for a fully implemented Zero Trust Architecture ZTA. In accordance with Executive Order (EO) 14028 (3)(b)(ii), plan to implement ZTA to strengthen the Cyber Hygiene and Security Posture for the Government Publishing Office (GPO).

This is an upcoming opportunity with a projected start date of 1 September 2025.

A United States Citizenship and Background Investigation NAC initiated is required to be considered for this position.

Responsibilities:

Preparation of Task Order Management Plans, cost analyses, activity and project tracking schedules, risk registers, and risk and issue mitigation strategies for all GPO SOC activities. This task consists of:

• Deployment of Defender for Endpoint agents to minimum threshold of Microsoft supported endpoint devices via Microsoft Intune or Active Directory (AD) Group Policy Objects (GPO)
• Identification of target endpoint machines, OS versions, and deployment method
• Creation of DfE deployment scripts, including uninstallation of legacy EDR and anti-virus solutions
• Creation of DfE support infrastructure to support mass deployment (i.e., storage accounts, authorization, etc.)
• Testing of DfE deployment scripts
• Deployment of DfE agents to identified endpoint machines to scoped minimum threshold (percentage) of device endpoints
• Verification of onboarding and reporting
• Validate proper configuration to align with best practices

Experience/Skills:

Must possess a blend of technical cybersecurity skills, Microsoft Sentinel expertise, program/project management experience, and real-time security operations knowledge.

• Minimum 3+ working with Microsoft Cloud environments Government Community Cloud GCC-H/GCC.
• Experience with Microsoft Sentinel (required), also desired are Splunk, QRadar, ArcSight, LogRhythm, Elastic
• Experience ingesting CEF, syslog, Windows Event Logs, JSON, XML
• Ability to parse and normalize logs for threat detection
• Familiarity with Azure Monitor, Log Analytics workspace, retention policies
• Ability to recommend cost-optimized data tiering strategies
• Familiarity with MITRE ATT&CK framework, Threat Intelligence platforms (TIPs), Real-world threat hunting and IOC correlation
• Hands on experience with Microsoft 365 Defender, Defender for Endpoint, Defender for Office, EDR/XDR platforms like Trellix (McAfee), CrowdStrike, SentinelOne
• Active Directory Experience
• Experience with Firewall and network security tools
• Strong understanding of Zero Trust , Identity Protection, and privileged access monitoring

Education:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or Engineering. Master’s degree preferred

Certifications:

• Microsoft Certified: Security Operations Analyst Associate
• Microsoft Certified: Information Protection Administrator Associate
• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• CompTIA Security+
• Certified SOC Analyst
• GIAC Security Essentials

Clearance:

• Must have Minimum Background Investigation complete NAC.

• Must be a US Citizen.

Benefits:

• PTO
• Holiday Pay
• 401K with a 4% Match
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Group Life & AD&D
• Voluntary Life AD&D
• Short-term Disability
• Long-Term Disability
• Health Savings Account
• Flexible Spending Account (Health and Dependent)
• Critical Illness Insurance
• Accident Insurance
• Hospital Indemnity Insurance
• Employee Assistance Program (EAP)

FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran, FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.