DHS HSEN - Security Architect (SIEM & SOAR)

Who We Are:

Headquartered in Washington, DC, Versar Global Solutions provides full mission lifecycle solutions for challenges faced by our government and commercial Customers in the natural, built, and digital environments. With nearly 2,000 team members around the world, and a rich legacy spanning more than 70 years, Versar Global Solutions delivers a broad array of planning, analysis and risk management solutions, project and program management, operations and maintenance services, and information technology applications for environmental management and remediation projects, mission critical facilities and installations, and in support of readiness and contingency operations.

Who You Are:

Versar Global Solutions is seeking a Security Architect (SIEM & SOAR) to support the DHS' Homeland Security Enterprise Network (HSEN) within the Office of the Chief Information Officer (OCIO), IT Operations, Enterprise Engineering Division (EED). This resource will be a member of a high functioning team of network and security engineers, data center specialists, and stakeholder groups, such as the DHS Network Operations Security Center - Cyber (NOSC-Cyber), ISSOs, and industry vendors, working to continually strengthen and secure HSEN and its data.

The candidate's primary responsibility is to maintain and mature the existing DHS Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions, and lead the analysis, integration, and testing of this and new security tools and technologies.

What You'll Do:

• Designing, implementing, and maintaining SIEM and SOAR solutions by collaborating effectively with NOSC-Cyber and other key stakeholder groups.
• Work in partnership with network and security engineers and cloud development teams to drive improvements to security requirements.
• Research the latest capabilities of SIEM, SOAR platforms and IT technologies (e.g. firewalls, operating systems, networks, storage, virtualization, AD, IPS, Proxies etc.) and be able to present findings to management.
• Optimize SIEM, SOAR and NOSC-Cyber architecture to improve efficiency and effectiveness of the platforms and processes.
• Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs.
• Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
• Design and document existing production Swimlane environment to include Visio diagrams.

What You'll Bring:

• BA or BS (Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering, or related field); relevant experience may be a substitute for education.
• At least six (6) years of professional experience cybersecurity, NOC/SOC environments, and IT Services environment, providing incident response.
• Demonstrated experience with SIEM and SOAR tool suites, with an emphasis on Swinlane and Splunk.
• Demonstrated experience endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.
• Must be resourceful in learning a very complex and dynamically changing network.
• Must be a self-starter, able to work independently, and able to manage time effectively.
• Working knowledge of cloud platforms such as AWS, Azure.
• Desired certifications: Certification involving cybersecurity, CompTIA Security+, Splunk, CISSP, CCNP Security, CCIE Security.
• Desired software/hardware: Splunk, Swimlane, knowledge of at least one programming or scripting language (ex. Python, PowerShell, PHP, Perl), Windows/Linux experience.
• Ability to communicate effectively with all levels of an organization from engineering, operations, and management.
• Be authorized to work in the US or will be authorized by the successful candidate's start date to be eligible for a DHS EOD is required.
• Must be proficient in English, both written and verbal, to ensure effective communication and collaboration.
• Successful results of preemployment screenings, including federal background check, MVR, and drug screen.
• Comply with company drug and alcohol policy.

Location Requirements

The position will primarily work remote; however, preference will be given to those who reside locally to the MD/DC/VA areas.

Compensation

Expected Salary: $120,000 - $132,000 per year

Versar Global Solutions is providing the compensation range and general description of other compensation and benefits that the Company in good faith believes it might pay and/or offer for this position based on the successful applicant's education, experience, knowledge, skills, and abilities in addition to internal equity and geographic location. The Company reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant's status protected by local, state, or federal law.

EEO Commitment

Versar Global Solutions is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state, and local laws.

Versar Global Solutions complies with applicable state and local laws governing non-discrimination in employment in every location in which the company operates. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Versar Global Solutions expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, marital status, amnesty, or status as a covered veteran. Improper interference with the ability of Versar Global Solutions employees to perform their job duties is not tolerated.