Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
IT - Software
Columbus, OH (On-Site/Office)•Fort Belvoir, VA (On-Site/Office)•Battle Creek, MI (On-Site/Office)
Post this job on clearance jobs and send me the resumes: SIEM CONTENT DEVELOPER
Location: Columbus, Ohio or Ft. Belvoir, Virginia or Battle Creek, MI.
DOD Top Secret Clearance
Certification: DoD Cyber Security Service Provider (CSSP) and Certified Network Defender (CND) certification
Researches and develops new threat detection use cases based on emerging threats, threat intelligence research and Threat Detection Analyst feedback.
Works with stakeholders and cybersecurity tool SMEs to identify gaps in security protection and analytics capabilities.
Develops custom scripts to enhance SIEM functionality. Reviews the quality of data feeds and recommend and/or implement improvements.
Collaborates with stakeholders to identify critical systems and application components to develop alerting priorities and create signatures tailored to individual programs and applications.
Minimum Requirements:
• Five (5) years of relevant IT experience
• Three (3) years working with a SIEM in a content development or Incident Response role.
• Three (3) years of System and/or Network Administration experience
• Understanding of various log formats
• Understanding of the MITRE ATT&CK framework
• Strong understanding of network architecture
• Experience developing and maintaining scripts (preferably using Powershell, Python or SPL)
Location: Columbus, Ohio or Ft. Belvoir, Virginia or Battle Creek, MI.
DOD Top Secret Clearance
Certification: DoD Cyber Security Service Provider (CSSP) and Certified Network Defender (CND) certification
Researches and develops new threat detection use cases based on emerging threats, threat intelligence research and Threat Detection Analyst feedback.
Works with stakeholders and cybersecurity tool SMEs to identify gaps in security protection and analytics capabilities.
Develops custom scripts to enhance SIEM functionality. Reviews the quality of data feeds and recommend and/or implement improvements.
Collaborates with stakeholders to identify critical systems and application components to develop alerting priorities and create signatures tailored to individual programs and applications.
Minimum Requirements:
• Five (5) years of relevant IT experience
• Three (3) years working with a SIEM in a content development or Incident Response role.
• Three (3) years of System and/or Network Administration experience
• Understanding of various log formats
• Understanding of the MITRE ATT&CK framework
• Strong understanding of network architecture
• Experience developing and maintaining scripts (preferably using Powershell, Python or SPL)
group id: 90813030
