Job Description

Security Engineer
North Charleston SC
Minimum of a Secret Clearance Required with ability to obtain Top Secret

As a Security Engineer you will The SIEM/SOAR Engineer will be responsible for managing and maintaining the CSSPs Security Information and Event Management (SIEM) and Security Orchestration Automation and Response (SOAR) systems.

Position Requirements and Duties:
Design implement and maintain the SIEM and SOAR infrastructure (Elastic and Splunk).
Manage and maintain an enterprise Elastic cluster to support SIEM operations for the CSSP.
Monitor and analyze security events and incidents to protect information assets.
Assist in the development and maintenance of use cases rules and alerts for threat detection and response.
Integrate SIEM and SOAR systems with other security tools and data sources.
Automate security operations workflows and incident response procedures using SOAR platforms.
Perform regular system monitoring and health checks to ensure the integrity and availability of SIEM and SOAR systems.
Conduct performance tuning capacity planning and scalability assessments for SIEM and SOAR solutions.
Implement and manage data ingestion pipelines for security event data.
Perform regular updates patches and upgrades for SIEM and SOAR systems.
Create and maintain documentation for system configurations processes and standard operating procedures.
Collaborate with security analysts operations analysts incident responders and other CSSP teams to ensure effective use of SIEM and SOAR capabilities.

Required Skills:
3 years of experience in maintaining an enterprise Elastic cluster
Proficiency in managing and maintaining SIEM and SOAR solutions.
Experience with Elasticsearch Enterprise (including Logstash and Kibana) for SIEM operations.
Strong understanding of security event and incident management processes.
Knowledge of scripting languages (e.g. Python PowerShell) for automation and integration.
Experience with threat detection and response methodologies.
Extensive experience with Linux Administration of RHEL Operating Systems
Strong experience with networking protocols solutions and methodologies

Minimum Qualifications:
US Citizen
Possess a high school diploma or GED
Available for on-call after-hours rotational support as needed
Position may require up to 25% travel as needed
OCONUS travel may be required

Preferred Qualifications:
Experience with other SIEM platforms (e.g. Splunk).
Knowledge of security frameworks and standards (e.g. MITRE ATT&CK NIST).
Familiarity with network and endpoint security technologies.
Experience with security incident response and digital forensics.

Required Certifications:
8570 IAT Level II Certification
Certified Information Systems Security Professional (CISSP) GIAC Certified Incident Handler (GCIH) or Elastic Certified Engineer

Company Overview

Adapt Forward is a cybersecurity solutions provider for some of the nations most valuable information systems. Leveraging advanced threat assessment technology and experience in building high-level information security infrastructure we develop adaptive solutions uniquely tailored to our customers business objectives to protect sensitive data against sophisticated threats in an increasingly complex security environment.

Summary of Benefits

• Comprehensive Physical Wellness Package including Medical Dental Vision Care plus Flexible Spending Accounts for health- and dependent-care are included in our standard benefits plan.
• 401k Retirement Plan with Matching Contribution is immediately available and vested.
• Annual Training Budget to be used for conference attendance school enrollment certification programs and associated travel expenses.
• Eleven Federal Holidays plus three weeks of PTO/vacation/sick leave that accrues at a rate of ten hours per month.
• Employee Assistance Program: Counseling/legal assistance and other employee well-being programs are also offered.

Equal opportunity employer as to all protected groups including protected veterans and individuals with disabilities.

Adapt Forwards Veteran/Disability Affirmative Action Plan narrative section is available for inspection upon request during normal business hours at the Human Resources office and may be requested by contacting Human Resources at

Required Experience:

Senior IC

Job Tags

Full time, Work at office, Immediate start, Flexible hours,

Similar Jobs