SIEM Engineer

Newington, Virginia

Zachary Piper Logo

Job Id:
169702

Job Category:

Job Location:
Newington, Virginia

Security Clearance:
TS/SCI

Business Unit:
Zachary Piper

Division:
Zachary Piper Solutions

Position Owner:
Mac Stephens

Zachary Piper Solutions is seeking a SIEM Engineer to join a federal technology services organization supporting enterprise cybersecurity operations and mission-critical security programs. This role is on-site in Newington, VA and requires an active TS/SCI clearance.


This role will involve designing, implementing, tuning, and optimizing Splunk Enterprise and Splunk Enterprise Security to strengthen enterprise security monitoring, threat detection, incident response, and SIEM operations while partnering with security engineering, SOC, threat intelligence, and infrastructure teams to enhance overall cybersecurity visibility and resilience.


Responsibilities of the SIEM Engineer:

  • Design, implement, configure, and maintain Splunk Enterprise and Splunk Enterprise Security to support enterprise-scale security monitoring and threat detection.
  • Develop, optimize, and tune SIEM use cases, correlation searches, detection rules, dashboards, and alerts to improve detection accuracy and reduce false positives.
  • Analyze and correlate security events across Windows, Linux, firewalls, IDS/IPS, cloud platforms, and other enterprise log sources to identify threats and support incident response.
  • Manage log ingestion, normalization, retention, and event correlation to ensure effective SIEM operations and data visibility.
  • Partner with SOC analysts, security engineers, threat intelligence, and IT infrastructure teams to improve monitoring capabilities and overall security posture.
  • Support cybersecurity investigations by identifying, analyzing, and responding to security events across multiple data sources.
  • Implement automation and scripting solutions using Python, Bash, or PowerShell to improve operational efficiency and SIEM functionality.
  • Support continuous improvement initiatives by integrating threat intelligence, cloud security monitoring, SOAR capabilities, and cybersecurity best practices into the enterprise security platform.

Qualifications for the SIEM Engineer:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
  • 3+ years of experience in SIEM engineering, cybersecurity monitoring, or security analytics.
  • Hands-on experience with Splunk Enterprise Security, Splunk Enterprise, or other SIEM platforms such as IBM QRadar.
  • Experience with log management, event correlation, alert tuning, SIEM use case development, and detection engineering.
  • Strong understanding of Windows, Linux, firewall, IDS/IPS, cloud, and other enterprise security logs.
  • Experience with Python, Bash, or PowerShell, along with knowledge of TCP/IP, DNS, HTTP/S, and cybersecurity frameworks including NIST and MITRE ATT&CK.
  • Experience with AWS, Azure, or GCP security monitoring, SOAR platforms, threat intelligence integration, and supporting federal or DoD cybersecurity environments is preferred.
  • Active TS/SCI security clearance


Compensation for the SIEM Engineer:

  • Salary Range: $180,000 - $195,000 *depending on experience*
  • Comprehensive Benefits: Cigna Medical, Dental, Vision, 401k Plan, PTO, Holidays, Sick Leave if required by law



This job opens for applications on 07/14. Applications for this job will be accepted for at least 30 days from the posting date.



#LI-MS1

#LI-ONSITE

Keywords: Splunk, Splunk Enterprise, Splunk Enterprise Security, Splunk ES, SIEM, SIEM Engineering, SIEM Administration, Security Information and Event Management, Security Monitoring, Security Analytics, Detection Engineering, Detection Rules, Correlation Searches, Event Correlation, Log Management, Log Analysis, Log Ingestion, Alert Tuning, Use Case Development, Threat Detection, Threat Hunting, Incident Response, Incident Investigation, Cybersecurity, Cyber Defense, SOC, Security Operations Center, SOC Analyst, Security Engineering, Threat Intelligence, Threat Intelligence Integration, Windows Logs, Linux Logs, Firewall Logs, IDS, IPS, IDS/IPS, Cloud Logs, AWS, Azure, GCP, Cloud Security, Cloud Security Monitoring, SOAR, Security Automation, Python, Bash, PowerShell, Scripting, Automation, TCP/IP, DNS, HTTP, HTTPS, Networking, Network Security, NIST, MITRE ATT&CK, Security Frameworks, Enterprise Security, Security Operations, Vulnerability Analysis, Security Event Analysis, Enterprise Monitoring, Data Correlation, Security Visibility, Federal, DoD, Department of Defense, Government, TS/SCI, Top Secret, SCI, Cleared, Security+, CompTIA Security+, CySA+, CISSP

Apply For This Position

Personal Information

Required
Required
Required
Required
Required
Required
Required

Additional Details

Required
Required
Required

Voluntary Self-identification Form

Required
Required
Required

Veteran Status *

Discharge Date:

Resume Upload

Please note only files with .pdf, .docx, or .doc file extensions are accepted.

Currently selected file:

Don't have a resume?