Siem Administrator

**Responsibilities**:
Peraton is seeking a talented and experienced
**SIEM Administrator** to join our team in support of the
**U.S. Army Europe Regional Cyber Center (RCC-E).**

**Location: on-site in Wiesbaden, Germany.**

**As an SIEM Administrator, you will be**:

- Responsible for administering the ElasticStack cluster, which includes pipeline services, to maintain and develop its future capabilities.
- Documentation is an essential part of your role, and you would be responsible for developing and maintaining it.

**This includes**:

- How the system operates.
- How datasets are built.
- How services are provided.

**Daily duties are**:

- Operate and maintain a multi-site Elastic clusters on various network enclaves.
- Administer Confluent Kafka and associated Logstash pipelines.
- Build configurations and filters for Elastic Beats and Agent collection architecture.
- Assist aspects of Defensive Cyber Operations in performing analytic development.

Qualifications:
**Required**:

- Bachelor’s degree in a STEM field or Business Administration plus 5 years of specialized experience OR an associate degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience OR 11 years of specialized experience.
- Must have experience:

- ** With any major SIEM (ArcSight ESM, Splunk, Elastic, Microsoft Sentinel, McAfee ESM, etc.).**:

- Writing and maintaining custom parsers and normalize disparate data sets.
- Strong understanding of Data Models and SIEM standardized compliance.
- Writing and troubleshooting complex REGEX.
- Organizing and orchestrating data set migrations with impacted users.
- Providing advanced SIEM query language support to various content owners.
- Have knowledge of SAML authentication.
- Creating and maintaining administrative dashboards.
- ** DoD 8570 IAT III certified (any one of: CASP+, CISA, CISSP, GCED, GCIH, CCSP).**:

- ** Obtain an Elastic Certified Engineer certification within six months of start.**:

- ** U.S. citizenship and possess an active DoD Secret security clearance.**

**Preferred**:

- Be an Elastic Certified Engineer, Elastic Certified Observability Engineer, or Elastic Certified Analyst.
- Have experience supporting multisite architectures.
- Have experience with Confluent Kafka.
- Have previous corporate experience with Splunk or ArcSight.
- Have experience with Elastic Agent.
- Have extensive knowledge of Lucene language.
- Have experience with VScode.
- Have experience with Git, GitLab, Azure DevOps, GitHub, or other project configuration management.

Peraton Overview:
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.

Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors. EEO Tagline (Text Only): An Equal Opportunity Employer including Disability/Veteran.