Siem Content Developer Job at Insight Global in Lanham
MediabistroLanham, MD, United States- Full-time
IG is seeking someone with recent and demonstrated concentration in creating detection content and dashboards in Splunk ES for a SOC. As a SIEM Content Engineer you will help ensure today is safe and tomorrow is smarter. Our work depends on SIEM Content Engineer joining our team to enhance threat detection capabilities.
Day to Day / Description :
Content Development : Design, develop, and implement SIEM content, including correlation rules, alerts, dashboards, and reports to detect and respond to cybersecurity threats.
Log Source Integration : Integrate various log sources into the SIEM platform, ensuring accurate data ingestion, parsing, and normalization.
Threat Detection : Develop and fine-tune detection use cases to identify malicious activities, anomalies, and potential security incidents.
Incident Response : Collaborate with the incident response team to provide context and support for investigations, leveraging SIEM data and alerts.
Tuning and Optimization : Continuously optimize SIEM rules and content to reduce false positives and improve detection efficacy.
Compliance and Reporting : Create and maintain compliance-related content and reports to ensure adherence to regulatory and organizational requirements.
Threat Intelligence Integration : Integrate threat intelligence feeds into the SIEM to enhance detection capabilities with contextual threat data.
Documentation : Maintain comprehensive documentation for SIEM content, configurations, and procedures to ensure operational continuity and knowledge transfer.
Collaboration : Work closely with security analysts, SOC teams, and other stakeholders to understand their needs and improve SIEM content based on feedback and evolving threats.
Training and Mentoring : Provide training and mentoring to junior team members and security analysts on the use of SIEM tools and interpretation of SIEM alerts and reports.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity / affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and / or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal. com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy : .
Preferred Skills : PCAP analysis
Splunk
Azure
AWS
Education : Bachelor of Science
Required Experience :
10+ years experience
Required Technical Skills :
SIEM Platforms Proficiency : Expertise in Splunk SIEM
Scripting and Automation : Proficiency in scripting languages like Python, PowerShell, or Bash to automate tasks and develop custom SIEM content.
Log Management : Strong understanding of log management, including collection, parsing, and normalization of log data from various sources.
Security Analysis : In-depth knowledge of security analysis techniques, including threat detection, correlation, and incident investigation.
Networking Fundamentals : Solid understanding of network protocols, architectures, and devices to analyze network traffic and identify anomalies.
Threat Intelligence : Ability to integrate and utilize threat intelligence feeds to enhance SIEM content and detection capabilities.
Regular Expressions : Proficiency in using regular expressions for log parsing, data extraction, and pattern matching within SIEM tools.
Incident Response : Experience with incident response processes and the ability to support investigations using SIEM data.
Security Clearance Level :
MBI
Required Skills and Abilities :
Network Analysis
IDS
SIEM
Create a job alert for this search
Content Developer • Lanham, MD, United States
SIEM Content Developer
Y-Tech, LLCFort Belvoir, VA, USAContent Development Associate Job at KME.digital in Alexandria
MediabistroAlexandria, VA, United StatesCONTENT CREATOR Job at Network Over 30 in Washington
MediabistroWashington, DC, United States- New!
Social Media Content Creator Job at PenFed Credit Union in Mc Lean
MediabistroMc Lean, VA, United StatesDovel Technologies, Inc is hiring : Content Developer - Senior in Washington
MediabistroWashington, DC, United StatesSenior Social Content Editor Job at mediaget in Washington
MediabistroWashington, DC, United StatesSenior Web Content Strategist Job at Interactive Strategies in Washington
MediabistroWashington, DC, United StatesY-Tech, LLC. is hiring : SIEM Content Developer in Fort Belvoir
MediabistroFort Belvoir, VA, United StatesContent Developer - Senior Job at Dovel Technologies, Inc in Washington
MediabistroWashington, DC, United StatesSEO & Content Specialist Job at Rust-Oleum in Baltimore
MediabistroBaltimore, MD, United StatesWeb Content Manager Job at Jobs via Dice in Washington
MediabistroWashington, DC, United States
Content Developer, Level 1
Avalore, LLCAnnapolis Junction, MD, USWeb Content Developer Job at Elzit in Friendly
MediabistroFriendly, MD, United StatesWeb / Media Content Developer Job at Koniag Information Security Services, LLC in
MediabistroArlington, VA, United StatesSEO & Content Specialist Job at DAP in Baltimore
MediabistroBaltimore, MD, United StatesDigital Media Developer Job at Study Select in Washington
MediabistroWashington, DC, United StatesSIEM Content Developer Job at Amyx, Inc. in Fort Belvoir
MediabistroFort Belvoir, VA, United States- New!