Skip to Main Content

SIEM Manager

Program Manager Sr. II

Recruitment #23-005483-0047


The Department of Information Technology (DoIT) leads the State in the creation and implementation of information technology solutions that improve IT infrastructure and government services and keep Maryland current within IT industry trends.




Dept. of Information Technology (DoIT)
10 Community Place
Crownsville, MD  21032

Main Purpose of Job

The Security Information and Event Management (SIEM) Manager serves as the focal point and manager for the SIEM service provided to State and Local governmental entities. The role will be responsible for defining the log types necessary to identify malicious activity and to lead ingestion of these logs from across the State.

This role will work jointly with service leaders across DoIT, OSM, and the Cyber Resilience portfolio to ensure that SIEM events are incorporated into the State’s defensive cyber posture. The SIEM Manager will lead adoption of the SIEM service and resolve issues with log ingestion by working with groups consuming the service. 

The role will take project management responsibilities for the SIEM team supporting the service and ensure that logs are being efficiently ingested without unnecessary overhead.  This role aligns with the mission of DoIT to ensure the security of the State’s information networks. This role is responsible for the ingestion of log events in a way that can be centrally managed and used as a basis for the defense of Maryland networks.

 ***This is a Management Service position that serves at the pleasure of the appointing authority***


Design and document the State SIEM Service.

Lead service adoption efforts and manage their progress.

Serve as the subject matter expert for SIEM in related projects and processes.

Plan and schedule SIEM adoption to include scoping log types.

Research SIEM and logging trends and provide feedback as applicable.

Respond as part of the cyber incident recovery team to events as the SIEM lead.


Education:  A bachelor's degree in cybersecurity, information technology, or a related discipline is required for this position

Experience:  Five (5) years’ experience in the following areas: Centralized logging design and support, SIEM deployment and management, Security Operation Center (SOC) support.  Three of the five years’ require project management, project design and scoping experience.


Preference will be given to those who have the following desired qualifications:

Professional level security certification. (e.g. CISSP)
Incident response experience.


Please make sure that you provide sufficient information on your application or resume to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be placed on the eligible (employment) list for at least one year.


The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application/resume. Please report all experience and education that is related to this position.



Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.

For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at or 410-767-4850, MD TTY Relay Service 1-800-735-2258.

We thank our Veterans for their service to our country.

People with disabilities and bilingual candidates are encouraged to apply.

As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.

For education obtained outside the U.S., a copy of the equivalent American education as determined by a foreign credential evaluation service must be provided prior to hire.

Powered by JobAps