Full Time Job Opportunity - Incident Response Associate Principal / Principal SIEM Engineer - Reston, VA jobs in United States
This job has closed.

Scalence L.L.C. · 4 days ago


Scalence L.L.C. is seeking an Incident Response Associate Principal to enhance Insider Threat Monitoring capabilities for their clients. The role involves developing and implementing detection logic within SIEM platforms while improving incident response processes and providing support to the Security Operations team.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Partner with customers to establish and enhance a mature Insider Threat Monitoring capability across Windows, Linux, and containerized environments
Execute a dual mandate within a defined timeframe: develop and implement detection logic within the customer's SIEM platform, and support the migration of detection logic, queries, and visualizations to a new SIEM solution
Work with customers to streamline and improve incident response processes
Provide investigation and response support to the Tier 1 Security Operations team
Strengthen the customer’s ability to detect, mitigate, and respond to risks early

Qualification

Active TS/SCI clearance, hands-on SIEM experience, log telemetry understanding, SIEM query languages, cloud service providers, data collection pipelines, dashboard building, incident response support, OSINT framework familiarity

Required

Active TS/SCI clearance with polygraph is required
Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related field, along with 10+ years of relevant experience. Additional experience may substitute for a degree
Hands-on experience with SIEM platforms such as Splunk, Kibana, or similar tools
Strong understanding of log telemetry structures and detection logic across Windows, Linux, and containerized environments
Proven experience migrating schema mappings between SIEM solutions
Demonstrated proficiency in SIEM query languages
Experience working with cloud service providers such as AWS, Azure, or Google Cloud
Experience deploying and configuring data collection pipelines from operating systems, network devices, and container platforms
Strong background in building dashboards, analytics, and alerts within SIEM tools
Experience supporting auditing, incident response, and system health monitoring
Familiarity with the OSINT framework and related tools

Company

Scalence L.L.C.

In today’s dynamic and competitive market, success hinges on mastering three key areas: Data Intelligence, Business Resilience, and Digital Experience.

Funding

Current Stage
Late Stage
Company data provided by crunchbase