SIEM Engineer

Newington, Virginia


Job Id:
164391

Job Category:

Job Location:
Newington, Virginia

Security Clearance:
TS/SCI

Business Unit:
Zachary Piper

Division:
Zachary Piper Solutions

Position Owner:
Cameron Bagwell

*This position requires a TS/SCI clearance for consideration*


Zachary Piper Solutions is currently seeking a SIEM Engineer to support a mission-critical federal cybersecurity program based in Newington, VA. This position is a full-time, onsite role supporting high-tempo, classified security operations. This role is critical in safeguarding enterprise networks and systems by ensuring accurate, reliable, and proactive security monitoring. As a SIEM Engineer, you will play a pivotal role in security monitoring, detection engineering, and continuous improvement of SOC capabilities, working closely with analysts, incident responders, and system engineers to protect sensitive assets.


Key Responsibilities:

  • Collaborate with SOC analysts, incident responders, and system engineers to support mission-critical cybersecurity operations
  • Analyze and troubleshoot log ingestion pipelines, correlation rules, and alerting issues to improve detection fidelity and reduce false positives
  • Develop, maintain, and optimize SIEM use cases, correlation rules, dashboards, and alerts
  • Support proactive threat detection efforts in a fast-paced, team-oriented SOC environment
  • Utilize SIEM technologies such as Splunk Enterprise Security and IBM QRadar to aggregate, correlate, and analyze security event data
  • Investigate and correlate security events across multiple data sources during active incidents
  • Ensure SIEM content aligns with compliance and security framework requirements
  • Contribute to continuous improvement initiatives across detection engineering and SOC operations

Requirements:

  • Active TS/SCI clearance
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent hands-on experience)
  • 3+ years of experience in SIEM engineering, cybersecurity monitoring, or security analytics
  • Hands-on experience with SIEM platforms (Splunk Enterprise Security, IBM QRadar)
  • Experience with log management, event correlation, and alert tuning
  • Experience developing SIEM use cases and detection rules
  • Strong understanding of security logs:
    • Windows and Linux systems
    • Firewalls, IDS/IPS
    • Cloud and infrastructure logs
  • Scripting experience with Python, Bash, or PowerShell
  • Working knowledge of networking protocols (TCP/IP, DNS, HTTP/S)
  • Understanding of cybersecurity frameworks (NIST, MITRE ATT&CK)
  • Strong analytical and problem-solving skills
  • Ability to investigate and correlate complex security events
  • Effective written and verbal communication skills
  • Ability to operate in a team-oriented, high-tempo SOC environment
  • Strong attention to detail with the ability to prioritize during incidents


Compensation to include:

  • Salary Range: $165,000 – $195,000 **depending on experience**
  • Full Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave if Required by Law



This job opens for applications on 4/17/2026. Applications for this job will be accepted for at least 30 days from the posting date


#LI-CB1

#LI-ONSITE

Keywords: Cybersecurity, Incident Response, Splunk, Splunk SPL, SPL, Packet Capture, Wireshark, Wire Shark, Network Forensics, Threat Hunting, Intrusion Detection, Log Analysis, SIEM (Security Information and Event Management), Malware Analysis, Network Traffic Analysis, Forensic Analysis, Threat Intelligence, Security Operations Center (SOC), Vulnerability Assessment, IDS/IPS (Intrusion Detection System/Intrusion Prevention System), PCAP Analysis, Network Security, Anomaly Detection, Endpoint Detection and Response (EDR), Cyber Threats, Cyber Attack, Threat Mitigation, Forensic Investigation, Digital Forensics, Security Incident, Data Breach, Advanced Persistent Threat (APT), Insider Threat, Security Policies, Compliance Management, Security Architecture, Security Operations, Incident Handling, Network Security Monitoring (NSM), Security Awareness Training, Security Risk Assessment, Threat Intelligence Platforms (TIP), Security Analytics, Insider Threat Detection, SIEM Engineer, Splunk, Splunk Enterprise Security, IBM QRadar, SIEM Engineering, Detection Engineering, Cybersecurity Monitoring, Security Analytics, SOC, Threat Detection, Log Analysis, Incident Response, MITRE ATT&CK, NIST, IDS/IPS, Network Security, Cloud Security, SOAR, Threat Intelligence, TS/SCI, Federal Cybersecurity, DoD Cyber
