Cloud Security Engineer

Delaware Nation Investments Emerging Technologies is seeking a highly qualified Cloud Security SME for one of our USSOCOM programs. This person will support USSOCOM enterprise Information Technology detection, response, and countermeasure actions across the enterprise by implementing a cloud Secure Information and Event Manager (SIEM) solution to ingest security telemetry data from endpoints and other third-party data connections to conduct analysis, recognize trends, and threats or misconfigurations within the enterprise.

Responsibilities:

• The technical solution for Microsoft Sentinel Optimization Services.
• A proposed process and policy development to support the implementation and training of the Microsoft Sentinel Optimization Services
• Acceptable Risk Management Framework (RMF ) package
• Development of user training on Microsoft Sentinel Optimization Services and provides hands-on training to Government personnel.
• Transition the maintenance and data of Microsoft Sentinel Optimization Services.
• Management of the Microsoft Sentinel SIEM which may include:
• Tuning and optimization of Azure Sentinel Baseline and Analytical Detection Rules.
• Enabling and configuring Microsoft Sentinel data connectors for native tools.
• Performance and cost metrics monthly reports which include:
• Log source volume and data types ingested.
• Recommended modifications to existing data sources to optimize data ingestion costs and security relevance/importance of log data being ingested.
• Overall cost attributed to Microsoft Sentinel ingest.
• Quarterly cyber readiness reviews to review overall protection, detection, response capabilities, and program hygiene.
• Provide a deep-dive session to review any findings from the initial Sentinel analysis and introduce additional value propositions.
• Architectural documentation displaying all connector inputs to Microsoft Sentinel.
• Assessment of existing endpoint protection technologies and their integration into Microsoft Sentinel.
• Repository of Microsoft Sentinel ingest requests
• Establish a Lighthouse connection between DISA and the customer
• Provide in-person training to the Government on the SIEM solution
• Deliver Full Operational Capability (FOC) NLT 28 April 2025
• Formal Administrator acceptance brief, knowledge transfer, and transition plan

Qualifications:

• Active TS/SCI Security Clearance
• CompTIA SEC+ and other required IAW DOD 8570
• Expertise in Microsoft Cloud technologies, Microsoft Azure, Microsoft Sentinel, and Microsoft Defender for Endpoint
• Well-versed in AQL query
• Focus on how information moves across the system from one application to another.
• Expertise in requirements engineering, data architecture, testing, and solution deployments including understanding how systems interact with technical architectures.
• Able to make data to easily publish and share data with other applications and data architects design database systems.
• Create and organize large bits of information
• Produce methodologies within the data framework to maintain the consistency and accuracy of the data
• Produce/design data models that represent the structure of data within the data framework