Threat Detection Expert
Location: McLean, VA
Duration: Full Time Direct Hire Employment
Security Clearance: Active Top Secret/SCI Clearance with Full Scope Polygraph
Salary Range: $220,000 - $250,000 Per Annum
Responsibilities:
In this role, you will be working with a commercial company's security team to create and build new solutions to challenging problems. In performing this role, you will be required to:
- Work with the customer to establish a mature insider threat monitoring capability across multiple Windows, Linux, and container environments.
- Lead the development of new alerting frameworks.
- Execute a dual mandate over a designated time period to:
- Develop detection logic in the customer's SIEM solution.
- Architect and deploy detections from the ground up.
- Support the migration of logic, queries, and visualizations into a new SIEM solution.
- Work with the customer to improve incident response efficiency.
- Support the Tier 1 Security Operations Team with investigations and responses.
- Improve the customer's ability to detect and mitigate risks early.
Must Have Qualifications:
- This position requires an active TS/SCI clearance with Full Scope polygraph.
- Specialist in architecting and deploying new frameworks from the ground up.
- Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related discipline and 10+ years of related experience. Additional experience may be substituted for a degree.
- Must have experience and expertise with SIEM solutions such as Splunk, Kibana, etc.
- Must have experience with log telemetry structure and log logic in Windows, Linux, and containerized environments.
- Experience migrating schema mappings from one SIEM solution to another.
- Demonstrated proficiency in query languages.
- Must have experience with cloud service providers, e.g., Google, AWS, Azure, etc.
- Experience deploying and configuring data collection from various system components, including operating systems, networking devices, and containerization platforms.
- Experience creating dashboards, analytics, and alerts within SIEM tools.
- Experience working with monitoring systems supporting auditing, incident response, and system health.
- Experience with the OSINT framework and related tools.
- Experience working in an air-gapped environment.
- Ability to analyze user behavior and create alerts from scratch.
- Comfortable with both Splunk and ELK.