Hybrid SIEM Support - ZTA at Nexthreat.com
Nexthreat.com · Washington, DC, United States Of America · Hybrid
- Office in Washington, DC
Job Title: SIEM Support
Location: Washington, DC
Time Type: Full-time
Potential for Telework: Position eligible for telework upon approval; however, must be able to attend GPO IT SEC scheduled and as-needed-unscheduled in-person meeting(s).
Minimum Clearance Required to Start: Candidates will be required to pass a GPO public trust background check ahead of onboarding.
Employee Type: W2 or 1099
Citizenship: US Citizen, no Dual Citizenship
Position Overview:
NexThreat is seeking an experienced SIEM Support Specialist to augment the Government Publishing Office’s (GPO) IT Security division. The SIEM Support Specialist will provide expert consultation, operational support, and maintenance for Security Information and Event Management (SIEM) platforms and related security tools. This role aims to develop, enhance, and mature the GPO’s Zero Trust Architecture (ZTA), strengthen cyber hygiene, and improve overall cybersecurity posture in compliance with EO 14028.
Key Responsibilities:
SIEM Operations & Support:
o Support the deployment, configuration, operation, and maintenance of SIEM platforms, including Microsoft Sentinel and NetWitness.
o Conduct continuous monitoring, threat detection, and incident response activities using SIEM data.
o Support SIEM upgrade activities, rule tuning, and troubleshooting of alerts and detections.
Security Tool Support & Integration:
o Operate, maintain, and upgrade associated security tools, including but not limited to:
§ Microsoft Azure
§ Microsoft Defender for Endpoint (DfE)
§ Xacta 360/IO
§ Zscaler
§ FedRamp compliance tools
§ Cloudflare
§ Tenable IO
§ Nexpose
§ Armis
§ Trellix HX/CM
§ ServiceNow
o Ensure all tools are integrated effectively within the cybersecurity ecosystem.
Development & Maturation of ZTA:
o Assist in developing, maintaining, and maturing the GPO’s Zero Trust Architecture.
o Develop strategies to assess current cybersecurity posture and implement improvements aligned with EO 14028.
Qualifications & Experience:
Education & Certifications:
o Bachelor’s degree in Cybersecurity, Cybersecurity Operations, Information Technology, or a related field (or equivalent experience).
o Certifications such as GIAC GCIH, GIAC GCED, CISSP, CompTIA CySA+, or Microsoft Defender certifications are preferred.
Experience:
o At least 3 years of working knowledge supporting SIEM platforms, especially Microsoft Sentinel and NetWitness in a government or enterprise environment.
o Hands-on experience supporting, upgrading, and tuning SIEM systems and related security tools.
Technical Skills:
o Strong understanding of security information and event management, threat detection, incident response processes, and modern cybersecurity practices.
o Familiarity with cloud security platforms (Azure, Zscaler, Cloudflare) and vulnerability management tools.
o Ability to support complex security environments and work effectively with diverse security tools and teams.
