Y-Tech, LLC is hiring : SIEM Content Developer in Fort Belvoir

Job Description Researches and develops new threat detection use cases based on emerging threats, threat intelligence research, and Threat Detection Analyst feedback. Works with stakeholders and cybersecurity tool SMEs to identify gaps in security protection and analytics capabilities. Develops custom scripts to enhance SIEM functionality. Reviews the quality of data feeds and recommends and / or implements improvements.

Collaborates with stakeholders to identify critical systems and application components to develop alerting priorities and create signatures tailored to individual programs and applications.

Minimum Requirements Five (5) years of relevant IT experience

Three (3) years working with a SIEM in a content development or Incident Response role

Three (3) years of System and / or Network Administration experience

Understanding of various log formats

Understanding of the MITRE ATT&CK framework

Strong understanding of network architecture

Experience developing and maintaining scripts (preferably using PowerShell, Python, or SPL)

Understanding of Defense-in-Depth

Must possess a current DOD Top Secret Clearance and be eligible for an IT-I Critical Sensitive security clearance or Tier 5 (T5) at the time of proposal submission

Must have Baseline Certification for IT-II and CNDSP / CSSP-IR when onboarding and must have one of the "Computer Network Defense" CE Certifications within six (6) months of onboarding

Work Environment Work to be performed On-Site (Only) . Work locations include Columbus, OH; Battle Creek, MI; Ft. Belvoir, VA.

#J-18808-Ljbffr