Security Architect - Consultant (Detection Engineer)

InterBase Corporation
Columbia, United States of America
3 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Columbia, United States of America

Tech stack

ARM
Bash
Intrusion Detection and Prevention
Python
Linux Security Modules
PowerShell
Security Information and Event Management
Scripting (Bash/Python/Go/Ruby)
MITRE ATT&CK
QRadar
Cybercrime
Splunk

Job description

The State of South Carolina is looking for a Security Architect - Consultant (Detection Engineer)

Join a high-impact statewide cybersecurity initiative focused on strengthening threat detection and response capabilities across multiple government agencies. This is a hands-on Detection Engineering role, not just architecture: you will directly influence how threats are identified, analyzed, and mitigated at scale.

  • Design, build, and tune detection rules within the enterprise SIEM environment
  • Perform gap analysis to identify missing detection coverage
  • Develop new detection use cases using Sigma, YARA, and threat intelligence
  • Map detections to the MITRE ATT&CK framework
  • Collaborate with SOC Analysts and Threat Hunters to improve alert fidelity
  • Reduce false positives and optimize detection performance
  • Create dashboards, reports, and documentation (runbooks, SOPs)
  • Support multi-agency security monitoring initiatives

Requirements

  • 5+ years of experience in Detection Engineering / SIEM / SOC Engineering
  • Strong hands-on experience with:
      • SIEM tools (Splunk, Sentinel, QRadar, XSIAM, etc.)
      • Detection rule development & tuning
      • Sigma, YARA, or similar detection languages
  • Experience with MITRE ATT&CK framework
  • Scripting skills: Python, PowerShell, or Bash
  • Strong knowledge of Windows & Linux security artifacts
  • Experience supporting large-scale enterprise environments

Preferred Qualifications

  • Experience with Palo Alto Cortex XSIAM
  • Security certifications: CISSP, CISA, CEH, OSCP, GPEN (or equivalent)
  • Background in Threat Hunting or SOC Operations
  • Experience in multi-tenant / multi-agency environments
  • Strong communication skills (client-facing collaboration)