Job Description

Job Description

Position Description Summary:

Design and develop advanced SIEM content to detect evolving cyber threats within a high-security government network. You will research threat intelligence, collaborate with analysts, and tailor alerts and detection logic to mission systems, increasing the speed and precision of incident detection.

Responsibilities:

• Create and optimize SIEM use cases for threat detection

• Collaborate with analysts and tool SMEs to close detection gaps

• Write custom scripts to enhance log correlation and data normalization

• Evaluate and improve data feed quality

• Leverage MITRE ATT&CK for threat mapping and use case development

• Prioritize detection signatures based on critical systems and applications

Skills & Experience:

• 5+ years of IT experience

• 3+ years SIEM content development or IR experience

• 3+ years of system or network administration experience

• Familiarity with common log formats (Windows, syslog, firewall, etc.)

• Strong scripting skills (Python, PowerShell, or SPL preferred)

• Understanding of MITRE ATT&CK and network architecture

• Deep knowledge of Defense-in-Depth principles

Education:

• Bachelor's preferred

• Must Cybersecurity Service Provider – Incident Responder related certification (CEH, GCIA, GCIH, CSIH, CFR, or equivalent).

• Must have or be able to obtain an I.T. skill certification within six (6) months

Security Clearance Required:

• Active DoD Top Secret Clearance (or active Secret and eligible for a Top Secret Clearance)

Job Tags

Similar Jobs