Cyber Content Developer Job at IPSecure in Town of Texas

CYBER CONTENT DEVELOPER / SIEM ENGINEER (33 NWS)- JBSA LACKLAND, SAN ANTONIO, TEXAS – TS / SCI REQUIRED

Job Description

The Cyber Content Developer / SIEM Engineer implements use cases based on mission requirements that provide analysts with a manageable SIEM view of security incidents, complete with workflow and reporting. Additionally, provide proactive housekeeping of associated content (use cases) with consideration for revisions and / or decommissioning. Will be in close collaboration with DO and DM leadership to ensure tasks align with squadron requirements, priorities, and future initiatives.

Responsibilities

• Analyze DCO events.
• Apply current industry SIEM best‑practices.
• Use security alerts correlated with log enrichment data to enhance the operator’s ability to identify real attacks.
• Establish security control effectiveness and monitor for unauthorized outbound connections.
• Create detections by analyzing log data across the enterprise.
• Develop dashboards and visualizations to identify adversarial activity.
• Use log data to establish and implement virtual tripwires for early detection.
• Analyze and ingest security logs into the SIEM in order to optimize for performance of the SIEM.
• Conduct designing, implementing, and testing of various SIEM solutions.
• Create and support the creation of SIEM Use Cases and understand what alerts and log enrichment is necessary to meet the required acceptable false positive rate.
• Create, test, and validate filters and rules.
• Build and implement event correlation rules, logic, and content in the SIEM.
• Tune SIEM event correlation rules and logic to filter out security events associated with known and well‑established network behavior, known false positives and / or known errors.
• Analyze malware threats to develop behavior‑based detections that alert and / or prevent malicious activity.
• Automate tasks in the SIEM using a common programming or scripting language.
• Create scheduled and ad‑hoc reporting with SEIM tools.
• Create and maintain SIEM documentation.
• Develop and execute a process to review and maintain SIEM resources such as rules, filters, lists, trends and reports.

Basic Qualifications

Preferred Qualifications

Medical, Dental, Vision, Unlimited Vacation, Sick Leave, Paid Federal Holidays, Education and Certification Reimbursement Program, 401(k) retirement plan with safe harbor employer match after 3 months, Prepaid legal plan and ID protection plan available, Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available.

EEOC Statement

IPSecure does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.

IPSecure is an Equal Opportunity Affir­mental Action Employer. EOE, Minorities, Females, Vet, Disabled, Sexual Orientation, Gender Identity or any other protected class. All qualified job seekers are encouraged to apply. IPSecure is committed to America's veterans by providing opportunities for them to continue contributing after service to our nation. We also work to provide reasonable accommodations to individuals with disabilities.

EEO Is The Law

Disability Accessibility Accommodation - If you have a disability and require assistance with our online application process, please tell us how we can help.

E-mail hr@ipsecureinc.com or call 210-877-1111.

Note : Pay Transparency - The company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

#J-18808-Ljbffr