Job Requirements
Washington, DC
Clearance: Secret; Polygraph: Unspecified
Career Level not specified
Salary not specified
Job Description
Description: Hybrid, 2 days onsite / 3 days remote in Washington, DC
Our client seeks a SIEM Engineer to support enterprise security monitoring, detection engineering, and log management within a federal SOC environment. The role administers SIEM platforms, onboards telemetry, tunes detections, and integrates security tools to improve visibility and response outcomes.
Due to client requirements, applicants must be willing and able to work on a W-2 basis. For our W-2 consultants, we offer a benefits package that includes medical, dental, and vision coverage, a 401(k) with company matching, and life insurance.
Rate: $71.00 to $76.00/hr (W-2)
Responsibilities:
- Administer and support SIEM platforms such as Splunk and Microsoft Sentinel.
- Develop and maintain search queries, dashboards, alerts, and detection logic.
- Perform telemetry onboarding, including log source integration and troubleshooting.
- Analyze and optimize data pipelines for accurate, real-time monitoring.
- Tune alerts and detections to reduce false positives and improve signal quality.
- Develop and refine correlation rules and detection use cases.
- Integrate SIEM with EDR/XDR, vulnerability management, and ticketing systems.
- Collaborate with SOC analysts and engineers to improve detection and response workflows.
- Support incident investigations through log analysis and data correlation.
- Develop documentation for SIEM configurations, onboarding processes, and detection content.
- Contribute to operational reporting and metrics related to SIEM performance.
Experience Requirements:
- 5+ years in SIEM engineering, SOC operations, or cybersecurity engineering.
- Hands-on experience with Splunk administration, search, dashboards, alerting, or detection support.
- Experience with telemetry onboarding and log source troubleshooting.
- Background in alert tuning, correlation logic, detection refinement, and false-positive reduction.
- Experience integrating SIEM with security and IT operations tools.
- Understanding of log management, security monitoring, and detection methodologies.
- Experience in enterprise or 24x7 SOC environments.
- Preferred: experience supporting federal environments or regulated frameworks such as FISMA and NIST.
- Preferred: familiarity with detection engineering frameworks and threat modeling.
- Preferred: scripting for automation using Python or PowerShell.
- Preferred: knowledge of log normalization, parsing, and data enrichment.
- Preferred certifications: Splunk (Power User, Admin, Architect), Microsoft Security/Sentinel, Security+ or CySA+.
- Technical environment exposure: Splunk, Microsoft Sentinel, Microsoft Defender, Rapid7 InsightVM, Veracode, Jira, Confluence, AWS, Azure, Okta, Entra ID/PIM, CyberArk, Intune, Device42, Microsoft Purview, Appian, Oracle, and hybrid on-prem plus cloud.
group id: 10106647