Senior SIEM Engineer

Careers Americansystems Icims Com · Malmstrom AFB, MT, US · On Site · Active · $175,000–$185,000 / year · iCIMS

Job facts

Company: Careers Americansystems Icims Com
Title: Senior SIEM Engineer
Normalized title: -
Department / team: IT / Cyber Security / Network Systems
Location: Malmstrom AFB, MT, United States
Work model: On Site
Employment type: Full Time
Salary: $175,000–$185,000 / year
Status: active
ATS provider: iCIMS
Posted / first seen: 2026-03-30 / 2026-05-31
Changed / last seen: 2026-06-02 / 2026-06-18

Linked records

Company: Careers Americansystems Icims Com
Source: 168a8417-cc6e-4ba7-a250-f9c316b00a92
ATS provider: iCIMS

Description

Overview

AMERICAN SYSTEMS supports the mission of The US Space Force. Support includes assessing independent Local Area Networks (LANs); executing LAN collapse procedures; procuring authorized LAN equipment for network expansion or upgrades; conducting on-site surveys for new LAN locations; determining and documenting customer and technical requirements; transporting, configuring, and installing new equipment; and implementing all required services to make new locations fully operational networks.

Responsibilities

AMERICAN SYSTEMS is seeking a professional with 8 – 10 years of experience and TS/SCI Clearance to be our next Senior Splunk Engineer at Malmstrom AFB, Montana.

Platform Engineering & Administration

- Install, configure, and maintain Splunk Enterprise and Splunk ES in classified, air-gapped, or cross-domain environments.
- Manage distributed architectures (indexers, search heads, cluster masters, deployment servers, forwarders) with a focus on reliability, performance, and security.
- Perform upgrades, patching, app deployment, performance tuning, and capacity planning.
- Implement and maintain backup/restore, DR procedures, and system hardening in accordance with DoD/IC and organizational policies.

Data Onboarding & Normalization

- Onboard logs from servers, network devices, security appliances, applications, and specialized classified systems.
- Develop and manage inputs, props, transforms, field extractions, and parsing to ensure high-quality, normalized data (CIM-compliant where applicable).
- Work with system owners and engineers to define logging requirements that support auditing, incident reconstruction, and compliance.
- Integrate Splunk with existing security tooling and infrastructure (e.g., host-based security, IDS/IPS, vulnerability scanners, identity systems).

Detection, Dashboards & Reporting

- Develop searches, correlation logic, alerts (where appropriate), and dashboards to surface security-relevant activity, system health, and compliance status.
- Create role-specific dashboards for cybersecurity staff, ISSOs/ISSMs, system administrators, and leadership.
- Support audit and inspection preparation (e.g., RMF, JSIG, NIST 800-53, CNSSI 1253) by building reports and evidence queries from Splunk.
- Implement and maintain data models, lookups, and other knowledge objects to support efficient analysis and reporting.

Security & Compliance Alignment

Ensure Splunk configurations and data flows comply with classified environment requirements, including handling caveats, data segregation, and need-to-know.

- Implement strict RBAC, data access controls, and logging of administrative actions.
- Support RMF and related processes by providing visibility into control effectiveness (e.g., AU-2, AU-6, AU-12, SI-4).
- Assist with continuous monitoring activities using Splunk as a key evidence and monitoring platform.

Collaboration & Technical Leadership (Non-SOC)

- Collaborate with cybersecurity engineers, ISSOs/ISSMs, system administrators, and network engineers to embed Splunk into system designs and modernization efforts.
- Provide expert guidance on how to leverage Splunk for troubleshooting, audit support, and security visibility.
- Mentor junior engineers and administrators on Splunk best practices, SPL queries, and platform usage.
- Contribute to Splunk standards, runbooks, and engineering documentation tailored for the classified environment.

Qualifications

Required Qualifications

- Active TS/SCI with CI Poly clearance (or eligibility) as required by the program.
- Bachelor’s degree in computer science, Information Security, Information Systems, or equivalent experience.
- 6 - 8 years of experience with approximately 4-8 years of IT/cybersecurity experience, with at least 3+ years of hands-on SIEM
- Demonstrated experience supporting Splunk in highly regulated or secure environments (DoD, IC, federal, defense contractor, or similar).
- Proficiency with SPL, including complex searches, statistical commands, sub searches, lookups, and dashboard creation.

Experience onboarding and normalizing data from:

- Windows and Linux systems
- Network infrastructure (routers, switches, firewalls, proxies)
- Security tools (AV/EDR, IDS/IPS, vulnerability scanners, identity systems)
- Strong understanding of information security principles and controls (logging, monitoring, auditing, least privilege, configuration management).
- Familiarity with NIST 800-53, RMF, JSIG, or similar frameworks applicable to classified systems.

Preferred Qualifications

- Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Core Certified Admin, Splunk Enterprise Security Certified Admin).
- Experience operating Splunk in air-gapped, disconnected, or cross-domain (CDS) architectures.
- Scripting skills (Python, PowerShell, Bash) for automation, integrations, and data manipulation.
- Experience with configuration management and infrastructure-as-code (Ansible, Puppet, Chef, Terraform, or similar).
- DoD 8570/8140-compliant certification (e.g., Security+, CySA+, CASP+, CISSP, GSLC, GSEC) as required for IAT/IASAE roles.
- Background in one or more of: systems administration, network engineering, or cyber engineering in classified environments.

Skills & Competencies

- Ability to work effectively in a classified, process-driven environment with strong attention to detail and documentation.
- Strong analytical and problem-solving skills; able to independently diagnose Splunk and data pipeline issues.
- Clear and concise communication skills for collaboration with technical teams and security leadership.
- Self-directed and able to prioritize tasks to support mission and compliance deadlines.

Pay Transparency Statement

AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $175,000.00/Yr. - USD $185,000/Yr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.

EEO Statement

EEO Race/Sex/Disability Status/Veteran Status

Full job record

Job ID: 31409d5438ae05268f7decca72a9441552862f4f
Org ID: 632e831f-1365-49d5-b643-9c442262000b
Source ID: 168a8417-cc6e-4ba7-a250-f9c316b00a92
Board ID: 168a8417-cc6e-4ba7-a250-f9c316b00a92
Provider: icims
Provider Job Key: 4203
Title: Senior SIEM Engineer
Normalized Title:
Status: active
Active: yes
Location Text: Malmstrom AFB, MT, US
Department: IT / Cyber Security / Network Systems
Team:
Employment Type: full_time
Workplace Type: on_site
Remote Policy:
Country: United States
Region: MT
City: Malmstrom AFB
Salary Min: 175,000
Salary Max: 185,000
Salary Currency: USD
Salary Period: year
Source URL: https://careers-americansystems.icims.com/jobs/4203/senior-siem-engineer/job
Apply URL: https://careers-americansystems.icims.com/jobs/4203/senior-siem-engineer/job
First Seen At: 2026-05-31 18:36:07Z
Last Seen At: 2026-06-18 08:15:05Z
Last Checked At: 2026-06-18 08:15:05Z
Last Changed At: 2026-06-02 13:09:48Z
Inactive At:
Source Posted At: 2026-03-30 04:00:00Z
Source Updated At: 2026-05-13 20:27:20Z
Raw Payload Uri: s3://job-postings-prod-raw-590183727216/raw/provider=icims/board=careers-americansystems.icims.com/date=2026-06-18/2026-06-18T08-14-56-582Z-d1f989e24ab10e486199c4d03dbecadf9142754d41de8006cba3689ef94e7f84.json
Event Fields
{
  "content_hash": "1b1f0692b5d708de832ff190827079c7c2b3df943015af98e018ac81e091db84",
  "source_hash": "16343bac49d94bef76ca5205d605686e0c1bdc446c80233f2a0446238f81df6e",
  "last_changed_at": "2026-06-02T13:09:48.249Z",
  "active_status": "active"
}
Parsed Structured
{
  "language": "en",
  "location": {
    "raw": "Malmstrom AFB, MT, US",
    "city": "Malmstrom AFB",
    "region": "MT",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.8
  },
  "salary_max": 185000,
  "salary_min": 175000,
  "inferred_at": "2026-06-18T08:15:05.591Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Malmstrom AFB, MT, US",
      "city": "Malmstrom AFB",
      "region": "MT",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": "year",
  "workplace_type": "on_site",
  "salary_currency": "USD"
}
Extensions
{}
Native Structured
{
  "json_ld": {
    "url": "https://careers-americansystems.icims.com/jobs/4203/senior-siem-engineer/job",
    "@type": "JobPosting",
    "title": "Senior SIEM Engineer",
    "@context": "http://schema.org",
    "baseSalary": {
      "@type": "MonetaryAmount",
      "currency": "USD",
      "maxValue": 185000,
      "minValue": 175000
    },
    "datePosted": "2026-03-30T04:00:00.000Z",
    "directApply": true,
    "jobLocation": [
      {
        "@type": "Place",
        "address": {
          "@type": "PostalAddress",
          "postalCode": "59402",
          "addressRegion": "MT",
          "streetAddress": "UNAVAILABLE",
          "addressCountry": "US",
          "addressLocality": "Malmstrom AFB",
          "postOfficeBoxNumber": "UNAVAILABLE"
        }
      }
    ],
    "validThrough": "2027-03-30T04:00:00.000Z",
    "employmentType": "FULL_TIME",
    "salaryCurrency": "USD",
    "hiringOrganization": {
      "name": "AMERICAN SYSTEMS",
      "@type": "Organization",
      "sameAs": "www.americansystems.com"
    },
    "occupationalCategory": "IT / Cyber Security / Network Systems"
  },
  "detail_meta": {
    "url": "https://careers-americansystems.icims.com/jobs/4203/senior-siem-engineer/job?in_iframe=1",
    "http_status": 200,
    "content_type": "text/html;charset=UTF-8",
    "response_bytes": 45236,
    "compact_response_bytes": 8275,
    "original_response_bytes": 45236
  },
  "sitemap_job": {
    "id": "4203",
    "url": "https://careers-americansystems.icims.com/jobs/4203/senior-siem-engineer/job",
    "slug": "senior-siem-engineer",
    "lastmod": "2026-05-13T16:27:20-04:00"
  },
  "detail_errors": []
}
Get this page with API

Rendered from the bluedoor Job Postings API. Reproduce it:

GET https://api.bluedoor.sh/job-postings/v1/jobs/31409d5438ae05268f7decca72a9441552862f4f?include=description
GET https://api.bluedoor.sh/job-postings/v1/orgs/632e831f-1365-49d5-b643-9c442262000b
GET https://api.bluedoor.sh/job-postings/v1/sources/168a8417-cc6e-4ba7-a250-f9c316b00a92
GET https://api.bluedoor.sh/job-postings/v1/jobs/31409d5438ae05268f7decca72a9441552862f4f/events