**This position is contingent upon contract award**
SOSi is seeking a highly qualified Enterprise Logging Solution (ELS) Lead to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. The ELS Lead provides advanced technical leadership for enterprise-scale logging, monitoring, SIEM engineering, and telemetry integration efforts. This role ensures the reliability, performance, and modernization of CBP's enterprise logging ecosystem across on-premises, cloud, and hybrid environments.
Responsibilities
- Lead architecture, engineering, configuration, and optimization of enterprise logging platforms supporting DHS SOC operations.
- Serve as the senior technical authority for SIEM engineering, log ingestion pipelines, parsing, data normalization, enrichment, and storage strategies.
- Oversee onboarding of new data sources, including application, endpoint, network, cloud, and authentication telemetry.
- Maintain and enhance log health monitoring, pipeline resiliency, and log integrity validation.
- Coordinate with SOC analysts, Threat Hunt, IR, CTI, and engineering teams to ensure logging coverage aligns with detection, investigation, and compliance requirements.
- Develop, maintain, and troubleshoot log ingestion processes, forwarders, collectors, and APIs.
- Support dashboard, correlation rule, and alerting development by ensuring high-quality data availability.
- Ensure compliance with CBP logging standards, federal logging mandates, and Zero Trust visibility requirements.
- Lead modernization initiatives involving automation, cloud logging integrations, and data optimization.
- Provide detailed technical reporting, architectural documentation, and data dictionaries.
- Support vulnerability assessments, compliance audits, and cross-team engineering reviews.
- Mentor junior engineers and support knowledge transfer across the SOC.