SIEM Content Engineer

Tyto Athene, LLC, Washington, DC
Posted 2 days ago | $150,000 - $160,000 | Remote

About The Position

Tyto Athene is searching for a forward-thinking and self-motivated SIEM Content Engineer to focus on enhancing a government client’s detection content for their Security Operations Center (SOC). This exciting role requires curiosity, creativity, and critical thinking skills, as well as superior attention to detail, great organizational skills, and the ability to work in a highly collaborative work environment.

Requirements

  • Bachelor’s degree required
  • Eight (8) years of general work experience (with at least six (6) years of IT/Cyber experience) and two (2) years of experience using Splunk (or a similar SIEM tool) in a cybersecurity context (e.g., as a content developer, administrator, or SOC analyst)
  • Direct experience developing SIEM content in collaboration with a Tier 1 security operations center
  • Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms
  • Ability to manage, analyze, and report complex data in an easy-to-understand format for a variety of stakeholders
  • Familiarity with the MITRE ATT&CK Framework
  • Experience with Splunk and development
  • Experience developing Splunk dashboards, reports, and alerts
  • Secret Clearance required

Nice To Haves

  • Experience with Splunk Enterprise Security is a plus

Responsibilities

  • Evaluate existing SIEM content to determine which content should be removed or updated to improve fidelity
  • Leverage the MITRE ATT&CK framework, monitor the threat landscape and evaluate existing data sources to identify opportunities for new SIEM content development
  • Support the onboarding of new data sources by developing relevant SIEM content
  • Develop SIEM detection use cases and review them with relevant stakeholders, such as security engineers, SIEM engineers, SOC analysts, and incident responders
  • Collaborate with security engineers to improve logging from various appliances and correct misconfigurations
  • Coordinate closely with SOC analysts and incident responders to develop playbooks for triaging and responding to events created by the SIEM tool
  • Develop and maintain a SIEM content catalog, including mapping to the MITRE ATT&CK framework, to improve the efficiency of deploying the security stack to new environments
  • Design, develop, and monitor various dashboards and reports that provide information on content coverage, alerting, and fidelity

Benefits

  • Health/Dental/Vision
  • 401(k) match
  • Paid Time Off
  • STD/LTD/Life Insurance
  • Referral Bonuses
  • Professional Development Reimbursement
  • Parental Leave

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

501-1,000 employees

© 2024 Teal Labs, Inc