SIEM Engineer
Zachary Piper Solutions · Newington, VA · Yesterday
On-siteEngineering$180k–$195k/yrFull-time
Responsibilities
- Design, implement, configure, and maintain Splunk Enterprise and Splunk Enterprise Security to support enterprise-scale security monitoring and threat detection.
- Develop, optimize, and tune SIEM use cases, correlation searches, detection rules, dashboards, and alerts to improve detection accuracy and reduce false positives.
- Analyze and correlate security events across Windows, Linux, firewalls, IDS/IPS, cloud platforms, and other enterprise log sources to identify threats and support incident response.
- Manage log ingestion, normalization, retention, and event correlation to ensure effective SIEM operations and data visibility.
- Partner with SOC analysts, security engineers, threat intelligence, and IT infrastructure teams to improve monitoring capabilities and overall security posture.
- Support cybersecurity investigations by identifying, analyzing, and responding to security events across multiple data sources.
- Implement automation and scripting solutions using Python, Bash, or PowerShell to improve operational efficiency and SIEM functionality.
- Support continuous improvement initiatives by integrating threat intelligence, cloud security monitoring, SOAR capabilities, and cybersecurity best practices into the enterprise security platform.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
- 3+ years of experience in SIEM engineering, cybersecurity monitoring, or security analytics.
- Hands-on experience with Splunk Enterprise Security, Splunk Enterprise, or other SIEM platforms such as IBM QRadar.
- Experience with log management, event correlation, alert tuning, SIEM use case development, and detection engineering.
- Strong understanding of Windows, Linux, firewall, IDS/IPS, cloud, and other enterprise security logs.
- Experience with Python, Bash, or PowerShell, along with knowledge of TCP/IP, DNS, HTTP/S, and cybersecurity frameworks including NIST and MITRE ATT&CK.
- Experience with AWS, Azure, or GCP security monitoring, SOAR platforms, threat intelligence integration, and supporting federal or DoD cybersecurity environments is preferred.
Pay
Salary Range: $180,000 - $195,000 *depending on experience*
Benefits
- Cigna Medical, Dental, Vision
- 401k Plan
- PTO
- Holidays
- Sick Leave if required by law
Application Information
This job opens for applications on 07/14. Applications for this job will be accepted for at least 30 days from the posting date.