Job Description
Position Description Summary:
Design and develop advanced SIEM content to detect evolving cyber threats within a high-security government network. You will research threat intelligence, collaborate with analysts, and tailor alerts and detection logic to mission systems, increasing the speed and precision of incident detection.
Responsibilities:
• Create and optimize SIEM use cases for threat detection
• Collaborate with analysts and tool SMEs to close detection gaps
• Write custom scripts to enhance log correlation and data normalization
• Evaluate and improve data feed quality
• Leverage MITRE ATT&CK for threat mapping and use case development
• Prioritize detection signatures based on critical systems and applications
Skills & Experience:
• 5+ years of IT experience
• 3+ years SIEM content development or IR experience
• 3+ years of system or network administration experience
• Familiarity with common log formats (Windows, syslog, firewall, etc.)
• Strong scripting skills (Python, PowerShell, or SPL preferred)
• Understanding of MITRE ATT&CK and network architecture
• Deep knowledge of Defense-in-Depth principles
Education:
• Bachelor's preferred
• Must hold a Cybersecurity Service Provider – Incident Responder certification (CEH, GCIA, GCIH, CSIH, CFR, or equivalent)
• Must have or be able to obtain an I.T. skill certification within six (6) months
Security Clearance Required:
• Active DoD Top Secret Clearance (or active Secret and eligible for a Top Secret Clearance)
Company Description
Tuba Group is a small federal contracting business and a CMMI® Level 3 Rated, ISO 9001:2015 certified organization with a primary focus in accounting, financial, systems, technical, engineering, administrative, management, and subject matter expertise. Our mission is to provide value-added solutions that contribute to the success of government agencies, small businesses and independent professionals by leveraging the skill and talent of our most valuable resource - our people.
Full-time