Cyber Engineer - Elastic Security SIEM

**Job Description**

BAE Systems is seeking a SIEM expert to design, implement, and operate our enterprise-grade security monitoring and detection platform across a multi-tenant environment. The ideal candidate will have deep hands-on experience with the Elastic Stack (Elasticsearch, Logstash, Kibana, Beats, Elastic Agent), strong detection engineering skills, and a proven track record of building scalable, reliable SIEM solutions in a complex, high-paced environment. You will bridge multi-tenant, largescale data engineering with Security Operations, ensuring highvolume log ingestion, strict schema enforcement, and the delivery of actionable alerts to our SOC teams. Ensure inter-operability with other other Platforms and Systems in the environment and secure the SIEM Platform to DoD Risk Management standards.

**Core Responsibilities**

+ Architecture & Cluster Management Design, deploy, and maintain highthroughput, distributed Elasticsearch clusters onpremise. Implement ILM policies, data streams, and hot/cold/frozen tier strategies to optimize performance and storage cost.

+ Data Engineering & Ingestion Build scalable pipelines with Elastic Agents, Fleet, and Logstash for continuous log collection.

+ Data Normalization & Schemas Map diverse security logs (network, identity, endpoint) to the Elastic Common Schema (ECS) and enforce strict normalization.

+ Detection Engineering Partner with SOC analysts to create, tune, and test advanced detection rules using ES|QL, EQL, and KQL, reducing false positives.

+ Dashboards & Analytics Develop sophisticated Kibana visualizations, Lens analytics, and operational dashboards to provide rapid situational awareness for incident responders.

This position is located in Chesapeake, VA. There is no relocation assistance available for this position. Applicants must be currently residing in or state willingness to relocate self to Chesapeake, VA or surrounding areas.

**Required Education, Experience, & Skills**

+ **Years of Experience:** 510years in cybersecurity engineering; minimum 3years focused on largescale Elastic Stack/SIEM deployments.

+ **Education:** Bachelor s degree in Computer Science, Cybersecurity, Information Technology, or equivalent professional experience.

+ **Preferred Certifications:** Elastic Certified Engineer, Elastic Certified SIEM Analyst, CISSP or comparable security certifications.

+ **Elastic Ecosystem** : Expertlevel mastery of Elasticsearch, Logstash, Kibana, and Fleet; deep knowledge of index templates, shard allocation, and mappings.

+ **Operating Systems:** Handson administration and hardening of Red Hat Enterprise Linux (RHEL) environments.

+ **Storage Systems:** Experience configuring SANs to support highthroughput, IOPSintensive log storage.

+ **Query Languages:** Proficiency with ES

+ **Automation & IaC:** Deploy infrastructure with Ansible; containerise services using Docker and Kubernetes.

+ **Scripting:** Strong Python, Bash, or PowerShell skills for custom log parsing, API integration, and ETL processes.

+ **Security Context:** Solid understanding of corporate security logging architecture, network protocols (TCP/IP, DNS, Syslog), and the MITRE ATT&CK framework.

**Preferred Education, Experience, & Skills**

+ **Linux Administration:** Expertlevel proficiency in Linux system administration

+ **Virtualization** :Hands-on experience administering and configuring virtualized environments (e.g., VMware vSphere, ESXi, or KVM) to support, scale, and optimize SIEM cluster deployments.

+ Certifications: Red Hat or other Linux certifications

+ **DevSecOps:** Deep knowledge of DevSecOps practices and tooling.

+ **Private Cloud:** Experience with privatecloud architectures and orchestration (OpenStack, VMware Cloud Foundation, etc.).

+ **Kubernetes:** Advanced competence in Kubernetes/container technologies for scalable SIEM services.

**Pay Information**

Full-Time Salary Range: $107359 - $182510

Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

**Cyber Engineer - Elastic Security SIEM**

**125798BR**

EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression