What are the responsibilities and job description for the SIEM Administrator (Information Systems Analyst II Option C) position at Illinois Department of Innovation & Technology (DoIT)?
Are you looking for a rewarding career with an organization that values their staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as a SIEM Administrator for the Department of Innovation & Technology (DoIT) performing complex professional and advisory functions in Client Services, including collaborating with the security team to enhance visibility, detection, and monitoring across the enterprise environment. In this role, you will implement, configure, and troubleshoot the State’s Security Information and Event Management (SIEM) platform, verifying reliable operation, optimal performance, and alignment with enterprise security requirements. Additionally, you will develop, implement, and refine event correlation rules in coordination with agency partners, including supporting ingestion and normalization of appropriate log sources for improved detection and visibility. If you possess these knowledges, skills, abilities, and experience, we invite you to apply for this position to join the DoIT Team!
As a State of Illinois employee, you receive a comprehensive benefits package including:
Essential Functions
NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.
Headquarter Location: 120 W Jefferson St, Springfield, Illinois, 62702
Work County: Sangamon
Agency Contact: Lorna Bock
Email: Lorna.A.Bock@illinois.gov
Posting Group: Science, Technology, Engineering & Mathematics
This position DOES contain “Specialized Skills” (as that term is used in CBAs).
The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.
APPLICATION INSTRUCTIONS
Use the “Apply” button at the top right or bottom right of this posting to begin the application process.
If you are not already signed in, you will be prompted to do so.
State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon.
Non-State employees should log in on the using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.
If you have questions about how to apply, please see the following resources:
State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid
Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.
The Main Form Of Communication Will Be Through Email. Please Check Your “junk Mail”, “spam”, Or “other” Folder For Communication(s) Regarding Any Submitted Application(s). You May Receive Emails From The Following Addresses
As a State of Illinois employee, you receive a comprehensive benefits package including:
- Competitive Group Insurance benefits including health, life, dental and vision plans.
- Flexible work schedules (when available and dependent upon position).
- 10 -25 days of paid vacation time annually (10 days for first year of state employment).
- 12 days of paid sick time annually which carryover year to year.
- 3 paid personal business days per year.
- 13-14 paid holidays per year dependent on election years.
- 12 weeks of paid parental leave.
- Pension plan through the State Employees Retirement System.
- Deferred Compensation Program – voluntary supplemental retirement plan.
- Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP).
- Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility.
Essential Functions
- Under administrative direction, serves as a Security Information and Event Management (SIEM) Administrator for the Department of Innovation & Technology (DoIT) performing complex professional and advisory functions in Client Services, including collaborating with the security team to enhance visibility, detection, and monitoring across the enterprise environment.
- Develops, implements, and refines event correlation rules in coordination with agency partners, including supporting ingestion and normalization of appropriate log sources for improved detection and visibility.
- Administers and maintains the SIEM platform in partnership with vendors, including applying updates, coordinating patch cycles, and proactively monitoring system performance and health.
- Keeps abreast of new developments in the information technology field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures.
- Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.
- Requires knowledge, skill, and mental development equivalent to four (4) years of college with coursework in computer science or directly related fields.
- Requires three (3) years of professional experience in Client Services or a related Information Technology field.
- Requires three (3) years of professional experience administering and maintaining a Security Information and Event Management (SIEM) platform in a public or private organization, including implementing, configuring, troubleshooting, and optimizing the system for reliable and secure operation.
- Requires three (3) years of professional experience performing log onboarding and data ingestion activities, including configuring new data inputs, validating log quality, and normalizing event data to support broad integration of log sources.
- Requires three (3) years of professional experience developing SIEM dashboards, reports, alerts, and correlation rules, including creating actionable visualizations and automated notifications to support monitoring and incident response.
- Requires three (3) years of professional experience performing system administration tasks within an SIEM environment, including managing indexes, applications, knowledge objects, data flows, and monitoring system performance.
- Three (3) years of professional experience administering and maintaining a Security Information and Event Management (SIEM) platform in a public or private organization, including implementing, configuring, troubleshooting, and optimizing the system for reliable and secure operation.
- Three (3) years of professional experience performing log onboarding and data ingestion activities, including configuring new data inputs, validating log quality, and normalizing event data to support broad integration of log sources.
- Three (3) years of professional experience developing SIEM dashboards, reports, alerts, and correlation rules, including creating actionable visualizations and automated notifications to support monitoring and incident response.
- Three (3) years of professional experience performing system administration tasks within an SIEM environment, including managing indexes, applications, knowledge objects, data flows, and monitoring system performance.
- Three (3) years of professional experience with IT Service Management (ITSM) processes, including managing service requests, coordinating changes, and verifying compliance with established procedures.
- Three (3) years of professional experience using scripting or automation tools to streamline system administration tasks, reduce manual workload, and improve operational efficiency.
- Ability to analyze data logically and exercise sound judgement in defining and evaluating problems of an operational or procedural nature.
- Ability to gain and maintain effective working relationships with associates, vendors, clients, and others, fostering collaboration in resolving technical issues and supporting team members or management staff.
- Developed verbal and written communication skills to present technical information clearly and precisely to diverse audience, including business users, development teams, agency executives, and others.
- Certification(s) in one or more of the following: Certification(s) in CrowdStrike [e.g., Certified Falcon Administrator (CCFA), Certified Falcon Responder (CCFR), Certified Falcon Hunter (CCFH), or LogScale Analyst], certification(s) specific to SIEM, XDR, and Log Analytics [e.g., CompTIA Cybersecurity Analyst (CySA ), GIAC Security Essentials Certification (GSEC), GIAC Certified Detection Analyst (GCDA)] or other similarly related Security or IT foundational certification(s).
NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.
- Requires the ability to verify identity.
- Requires employment authorization to accept permanent full-time position with State of Illinois.
- Requires the ability to pass a position specific, agency required background check and requires self-disclosure of criminal history.
- Requires the ability to travel in performance of duties.
- Requires the ability to work overtime including scheduled, unscheduled, short notice, evening, weekends, and holidays.
- Requires the ability to work outside of normal hours to meet deadlines.
- Requires the ability to use agency supplied equipment such as laptop, personal computer, work cell phone, etc.
- Requires the ability to attend seminars, conferences, and training to remain current on methods, tools, ideologies, or other industry related topics relevant to job duties.
- Requires the ability to lift and carry objects or equipment weighing up to 10 pounds. This is considered sedentary work as defined by the U.S. Department of Labor (20 CFR 404.1567(a)). Sedentary work involves lifting no more than 10 pounds at a time and requires occasional lifting, carrying, walking, and standing.
- The conditions of employment listed are incorporated and/or related to any duties included in the position description.
Headquarter Location: 120 W Jefferson St, Springfield, Illinois, 62702
Work County: Sangamon
Agency Contact: Lorna Bock
Email: Lorna.A.Bock@illinois.gov
Posting Group: Science, Technology, Engineering & Mathematics
This position DOES contain “Specialized Skills” (as that term is used in CBAs).
The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.
APPLICATION INSTRUCTIONS
Use the “Apply” button at the top right or bottom right of this posting to begin the application process.
If you are not already signed in, you will be prompted to do so.
State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon.
Non-State employees should log in on the using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.
If you have questions about how to apply, please see the following resources:
State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid
Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.
The Main Form Of Communication Will Be Through Email. Please Check Your “junk Mail”, “spam”, Or “other” Folder For Communication(s) Regarding Any Submitted Application(s). You May Receive Emails From The Following Addresses
- donotreply@SIL-P1.ns2cloud.com
- systems@SIL-P1.ns2cloud.com