SIEM Engineer - Secret Cleared

Design, develop, and optimize complex Splunk SPL queries to support security monitoring and threat detection

Integrate multiple security tools and data sources into a centralized SIEM platform

Develop and manage Splunk knowledge objects, including dashboards, alerts, reports, and saved searches

Perform field extractions, lookups, and CIM normalization to ensure high-quality and consistent data ingestion

Support incident response efforts by analyzing security events and providing actionable insights

Collaborate with security and engineering teams to improve detection use cases and SIEM performance

Maintain documentation and best practices related to SIEM architecture and processes

5+ years of experience in cybersecurity or SIEM engineering roles

Active Secret security clearance (required)

Ability to work in a hybrid environment in Durham, NC or Fulton, MD

Heavy hands-on experience with Splunk, including advanced SPL query writing

Strong knowledge of Splunk knowledge objects, data models, and CIM normalization

Experience integrating security tools (EDR, IDS/IPS, firewalls, cloud security tools) into a SIEM

Solid background in incident response and security operations

Salary range: $115,000 - $125,000 depending on experience

Comprehensive benefits package including medical, dental, vision, 401(k), and paid time off