1 Content Developer (SIEM Cyber Security) Job in San Antonio, TX
BRS is Hiring a Content Developer (SIEM Cyber Security) Near San Antonio, TX
Requirements:
- DoDD 8570.01‐M/8140.01 I AT Level III CND
- Active TS/SCI
- More than 5 years of SIEM technology such as ArcSight, Splunk, and/or ELK.
- More than 3 years with network traffic analysis, ports, and protocols. BA/BS or MA/MS
- More than five (5) years of SIEM technology such as Arcsight, Splunk and/or ELK. Including, but not limited to, log handling, reports, filters, rule creation.
- Extensive knowledge with IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., Air Force, Navy, Army, DC3, DISA).
- More than three (3) years of experience with Network Traffic Analysis; ports and protocols. SANS GCDA or equivalent certification(s).
- Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)
- Additionally, more than one (1) year of experience with Security, Orchestration, Automation, and Response (SOAR) platforms such as Phantom and/or Demisto. Proficient in Python and PowerShell.
- Analyze DCO events.
- Apply current industry SIEM best‐practices.
- Use security alerts correlated with log enrichment data to enhance the operator’s ability to identify real attacks.
- Establish security control effectiveness and monitor for unauthorized outbound connections
- Create detections by analyzing log data across the enterprise. (CDRL A007)
- Develop dashboards and visualizations to identify adversarial activity. (CDRL A007)
- Use log data to establish and implement virtual tripwires for early detection.
- Analyze and ingest security logs into the SIEM in order to optimize for performance of the SIEM.
- Conduct designing, implementing, and testing of various SIEM solutions. (CDRL A007)
- Create and support the creation of SIEM Use Cases and understand what alerts and log enrichment is necessary to meet the required acceptable false positive rate. (CDRL A008)
- Create, test, and validate filters and rules. (CDRL A007)
- Build and implement event correlation rules, logic, and content in the SIEM. (CDRL A007)
- Tune SIEM event correlation rules and logic to filter out security events associated with known and well established network behavior, known false positives and/or known errors.
- Analyze malware threats to develop behavior based detections that alert and/or prevent malicious activity.
- Automate tasks in the SIEM using a common programming or scripting language.
- Create scheduled and ad‐hoc reporting with SEIM tools. (CDRL A007 and A008)
- Create and maintain SIEM documentation. (CDRL A008)
- Develop and execute a process to review and maintain SIEM resources such as rules, filters, lists, trends and reports.
- Utilize SIEM to develop metrics collection, analysis, and create reports upon request.
- Provide training to government personnel as requested.
- Provide knowledge transfer of tools, processes and procedures to government personnel as requested.
- Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
- Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
- Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009).
Locations: Lackland AFB, TX, Offut AFB, NE, and Maxwell AFB, AL
Job Summary
Full Time
Education & Training Services
$72k-88k (estimate)
03/31/2024
05/30/2024
brs-inc.com
AUSTIN, TX
100 - 200
Private
RUCHIKA DIAS
$10M - $50M
Education & Training Services
Related Companies
The job skills required for Content Developer (SIEM Cyber Security) include Leadership, Content Development, Analysis, etc. Having related job skills and expertise will give you an advantage when applying to be a Content Developer (SIEM Cyber Security). That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Content Developer (SIEM Cyber Security). Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Content Developer (SIEM Cyber Security) positions, which can be used as a reference in future career path planning. As a Content Developer (SIEM Cyber Security), it can be promoted into senior positions as a Reporter II that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Content Developer (SIEM Cyber Security). You can explore the career advancement for a Content Developer (SIEM Cyber Security) below and select your interested title to get hiring information.
Similar Jobs
Popular Articles
