Government Careers
  • Threat Detection Expert

  • Artech
  • McLean, Virginia 22101 United States

Threat Detection Expert

Location: McLean, VA

Duration: Full Time Direct Hire Employment

Security Clearance: Active Top Secret/SCI Clearance with Full Scope Polygraph

Salary Range: $220,000 - $250,000 Per Annum

Responsibilities:

In this role, you will work with a commercial company's security team to create and build new solutions to challenging problems. In performing this role, you will be required to:

  • Work with the customer to establish a mature insider threat monitoring capability across multiple Windows, Linux, and container environments.
  • Lead the development of new alerting frameworks.
  • Execute a dual mandate over a designated time period to:
    • Develop detection logic in the customer's SIEM solution.
    • Architect and deploy detections from the ground up.
    • Support the migration of logic, queries, and visualizations into a new SIEM solution.
  • Work with the customer to improve incident response efficiency.
  • Support the Tier 1 Security Operations Team with investigations and responses.
  • Improve the customer's ability to detect and mitigate risks early.

Must Have Qualifications:

  • This position requires an active TS/SCI clearance with Full Scope polygraph.
  • Specialist in architecting and deploying new frameworks from the ground up.
  • Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related discipline and 10+ years of related experience. Additional experience may be substituted for a degree.
  • Must have experience and expertise with SIEM solutions such as Splunk, Kibana, etc.
  • Must have experience with log telemetry structure and log logic in Windows, Linux, and containerized environments.
  • Experience migrating schema mappings from one SIEM solution to another.
  • Demonstrated proficiency in query languages.
  • Must have experience with cloud service providers, e.g., Google, AWS, Azure, etc.
  • Experience with the deployment and configuration of data collection from various system components, including operating systems, networking devices, and containerization platforms.
  • Experience creating dashboards, analytics, and alerts within SIEM tools.
  • Experience working with monitoring systems supporting auditing, incident response, and system health.
  • Experience with the OSINT framework and related tools.
  • Experience working in an air-gapped environment.
  • Ability to analyze user behavior and create alerts from scratch.
  • Comfortable with both Splunk and ELK.