logo inner

Platform / SIEM Engineer (Senior)

Dark Wolf SolutionsOnsite

Dark Wolf Solutions is seeking a Senior Platform / SIEM Engineer to support the Unified Platform Cyber Operations & Security Center (COSC) in San Antonio, TX. The Senior Platform / SIEM Engineer will lead efforts to design, deploy, and optimize telemetry pipelines, SIEM configurations, and observability frameworks that provide real-time visibility and threat detection across COSC’s classified and multi-tenant cloud environments. This role requires deep technical expertise in SIEM engineering, data ingestion pipelines, cloud observability, and operational monitoring at scale.

Key Responsibilities


  • Architect and implement telemetry collection pipelines across cloud, platform, application, and network layers.
  • Design, configure, and maintain SIEM platforms (Elastic Stack, LogRhythm, or Splunk) for multi-tenant, classified environments.
  • Develop and maintain parsing rules, normalization logic, alerting content, and correlation workflows within the SIEM.
  • Build and maintain observability dashboards to visualize platform health, performance metrics, and security telemetry.
  • Ensure telemetry ingestion pipelines are resilient, scalable, and aligned with data retention and compliance requirements.
  • Support tuning of detection content to reduce false positives and enhance signal fidelity across COSC environments.
  • Collaborate with Cloud Engineers, Security Analysts, and SREs to ensure complete visibility across mission systems.
  • Lead integration of logging and telemetry from Kubernetes clusters, containerized applications, cloud-native services, and SaaS platforms.
  • Support SIEM platform upgrades, scaling, and performance optimization efforts.
  • Align telemetry engineering with NIST 800-53 controls, RMF requirements, and DoD cybersecurity standards.
  • Mentor mid-level and junior engineers on telemetry engineering best practices and SIEM administration.

Basic Qualifications


  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical field, or equivalent industry experience.
  • Minimum of 6–8 years of experience in SIEM engineering, platform monitoring, or cybersecurity operations.
  • Hands-on experience architecting and maintaining enterprise-grade SIEM solutions (Elastic Stack, LogRhythm, Splunk).
  • Strong expertise in data normalization, parsing, enrichment, and correlation rule development.
  • Experience managing cloud-native telemetry collection from AWS, Azure, Kubernetes, and containerized environments.
  • Familiarity with security detection frameworks such as Sigma rules, MITRE ATT&CK, and threat hunting methodologies.
  • Strong scripting skills (Python, Bash, PowerShell) for telemetry transformation and SIEM automation.
  • Understanding of NIST cybersecurity frameworks, DoD RMF, and STIG compliance requirements.
  • US Citizenship required with an active Secret clearance and eligibility for Top Secret/SCI.

Desired Qualifications


  • Certifications such as Elastic Certified Engineer, Splunk Certified Architect, or GIAC GMON.
  • Experience designing observability architectures supporting both mission health and cybersecurity detection.
  • Experience implementing log pipelines using Fluentd, Beats, Logstash, or similar agents.
  • Familiarity with security orchestration, automation, and response (SOAR) integrations.
  • Experience supporting Department of Defense or Intelligence Community cybersecurity operations.

The estimated salary range is $145,000.00 - $180,000.00, commensurate on experience, technical expertise, certifications, and clearance level.Primary work location is San Antonio, TX. Hybrid model with a mix of remote and on-site support; on-site presence required for classified system activities.We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Life at Dark Wolf Solutions

Dark Wolf Solutions provides DevSecOps agile software development, information operations, penetration testing and incident response, applied research and rapid prototyping, machine learning, and mission support and engineering services to the Intelligence Community, national security, and Fortune 500 customers. By combining the most innovative emerging technologies with deep federal domain expertise, Dark Wolf operates at the nexus of technical innovation and mission needs.
Thrive Here & What We Value1. EEO/AA Employer2. Minorities/Women/Veterans/Disabled and other protected categories3. Continuous Learning and Improvement Mindset4. Hybrid Work Environment Supported5. Strong Technical Skills and Analytic Ability Valued6. Excellent Communication and Collaboration Skills Emphasized7. Attention to Detail and Organizational Abilities Expected8. Continuous Monitoring Practices Familiarity Preferred
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025