About this role
Booz Allen seeks a senior SIEM Platform Engineer to design, deploy, and operate high-performing SIEM systems across cloud, on-premises, and disconnected environments. The role centers on threat hunting, detection engineering, and secure architecture.
Key Responsibilities
- Design and maintain SIEM platforms
- Develop threat-hunting workflows
- Deploy across cloud/on-prem/disconnected environments
- Collaborate with vendors and security teams
- Ensure ILM and security compliance
Technical Overview
Technical scope includes Elastic Stack and other SIEM platforms (Splunk, Chronicle), data pipelines for security operations, Kubernetes/OpenShift, EDR/NDR tooling, and ILM/SEC compliance in a TS/SCI environment.
Ideal Candidate
The ideal candidate is a senior SIEM platform engineer with 5+ years of SIEM experience, strong Elastic Stack and SIEM toolset expertise, and TS/SCI clearance. They should be proficient in designing data pipelines for threat detection and familiar with Kubernetes/OpenShift in regulated environments.
Must-Have Skills
- 5+ years of experience with SIEM platforms
- 3+ years of experience designing data pipeline architectures for security operations
- 2+ years of Elastic Stack experience (Logstash, Elasticsearch, Kibana, Beats)
- Experience with EDR, NDR, or full-packet capture (CrowdStrike, Corelight, Trellix)
- Experience deploying platforms across cloud, on-premises, and disconnected environments using Kubernetes or OpenShift
- Knowledge of Elastic Index Lifecycle Management (ILM)
- TS/SCI clearance
Nice-to-Have Skills
- Experience with stream processing or data brokering (Cribl, Kafka, Logstash, Fluentd)
- Docker and cloud containerization (Elastic Cloud on Kubernetes - ECK)
- DevSecOps CI/CD in IL5/IL6/IL7 environments
- Python or scripting for security automation
- Security+, CISSP, CISSP-ISSEP, CASP+
Tools & Platforms
Elastic Stack; Splunk Enterprise Security; Kubernetes; OpenShift; Jira; Confluence; Git; GitLab; CrowdStrike; Corelight; Trellix; Foundry; Slither
Required Skills
Elastic Stack; Logstash; Elasticsearch; Kibana; Beats; Elastic Security; Splunk Enterprise Security; Chronicle; Kubernetes; OpenShift; EDR; NDR; CrowdStrike; Corelight; Trellix; ILM; Python
Hard Skills
Elastic Stack; Logstash; Elasticsearch; Kibana; Beats; Elastic Security; Splunk Enterprise Security; Chronicle; Kubernetes; OpenShift; EDR; NDR; CrowdStrike; Corelight; Trellix; Index Lifecycle Management; ILM; Python
Soft Skills
Communication; Collaboration; Problem-solving; Attention to detail; Ability to work in classified environments
Certifications
Preferred
Security+; CISSP; CISSP-ISSEP; CASP+
Keywords for Your Resume
siem platform engineer; elastic stack; kibana; logstash; elasticsearch; beats; elastic security; splunk enterprise security; chronicle; kubernetes; openshift; edr; ndr; crowdstrike; corelight; trellix; ilm; ts/SCI clearance; security training; python; clockhazard; classified environments; security
Deal Breakers
TS/SCI clearance required; experience with Elastic ILM and multiple SIEM platforms