SIEM Content Developer

About The Position

Requirements

• Five (5) years of relevant IT experience
• Three (3) years working with a SIEM in a content development or Incident Response role.
• Three (3) years of System and/or Network Administration experience
• Understanding of various log formats
• Understanding of the MITRE ATT&CK framework
• Strong understanding of network architecture
• Experience developing and maintaining scripts (preferably using Powershell, Python or SPL)
• Understanding of Defense-in-Depth
• Must possess a current DOD Top Secret Clearance and be eligible for an IT-I Critical Sensitive security clearance or Tier 5 (T5) at time of proposal submission.
• Must have Baseline Certification for IT-II and CNDSP/CSSP-IR when on boarding and must have one of the “Computer Network Defense” CE Certifications within six (6) months of on-boarding.

Responsibilities

• researching and developing new threat detection use cases based on emerging threats, threat intelligence research and Threat Detection Analyst feedback
• work with stakeholders and cybersecurity tool SMEs to identify gaps in security protection and analytics capabilities
• develop custom scripts to enhance SIEM functionality
• review quality of data feeds and recommend and/or implement improvements
• collaborate with stakeholders to identify critical systems and application components to develop alerting priorities and create signatures tailored to individual programs and applications

Benefits

• Medical, Dental, and Vision Plans (PPO & HSA options available)
• Flexible Spending Accounts (Health Care & Dependent Care FSA)
• Health Savings Account (HSA)
• 401(k) with matching contributions
• Roth
• Qualified Transportation Expense with matching contributions
• Short Term Disability
• Long Term Disability
• Life and Accidental Death & Dismemberment
• Basic & Voluntary Life Insurance
• Wellness Program
• PTO
• 11 Holidays
• Professional Development Reimbursement