
SIEM Engineer

Job

Apex Systems

Fort Meade, MD (In Person)

Full-Time

Posted 2 days ago (Updated 17 hours ago) • Actively hiring

Expires 7/4/2026


Job Requirements

- Location: Fort Meade, MD
- Clearance: Top Secret/SCI
- Polygraph: not specified
- Level: Senior Level Career (10+ yrs experience)
- Salary: not specified

Job Description

SIEM Engineer

Location: Fort Meade, Maryland (Onsite)

Role Overview

Our organization is seeking a SIEM Engineer to support a critical enterprise migration from Splunk to Elastic. This role will serve as a senior analyst, responsible for developing queries, tuning alerts, and performing advanced analysis within a large-scale environment. The position involves translating existing security use cases, dashboards, and alerts while ensuring detection capabilities are maintained or improved throughout the transition.

Key Responsibilities

- Serve as a senior SIEM analyst leveraging Splunk, with responsibility for query development (SPL), alert tuning, correlation, and advanced analysis.
- Support and contribute to enterprise SIEM migration efforts from Splunk to Elastic, including translating use cases, dashboards, and alerts.
- Validate data ingestion pipelines and log sources during the migration to ensure fidelity.
- Leverage network monitoring and detection capabilities (netflow, PCAP, IDS) to identify adversary activity.
- Perform advanced log analysis, correlation, and threat detection across large-scale datasets.
- Discover adversary campaigns, anomalies, and inconsistencies across SIEM platforms.
- Support the development of cyber fusion frameworks aligned with best practices.
- Analyze and document malicious actor TTPs, mapping them to enterprise vulnerabilities.
- Produce detailed analytic reports and visualizations to communicate findings.
- Provide mitigation strategies to reduce risk and improve the enterprise security posture.

Required Qualifications

- Bachelor's Degree with 8-15 years of relevant experience, or equivalent professional experience.
- An active IAT Level II or III Certification.
- Experience with Splunk, including SPL query development, dashboard creation, and alert tuning.
- Experience supporting or participating in SIEM platform migrations, preferably from Splunk to Elastic.
- Familiarity with Elastic/ELK Stack tools such as Elasticsearch, Kibana, Logstash, and Beats.
- Knowledge of network protocols (TCP/IP, OSI) and cyber threat methodologies.
- Experience analyzing netflow, PCAP, and custom application logging data.
- Experience with security tools such as Wireshark, passive DNS, and threat intelligence platforms.

Preferred Qualifications

- Experience supporting DISN or DOW networks.
- Demonstrated experience building SIEM dashboards, analytics, and detection content in Splunk and/or Elastic.
- Hands-on experience with Splunk to Elastic migrations, data pipeline validation, or detection engineering conversions.
- Familiarity with intelligence-driven defense methodologies.
- IAT Level III and/or IAM Level II/III Certifications.