Cyber Systems Engineering, Lead Associate
Role details
Job location
Tech stack
Job description
Peraton is hiring a Content Developer (Data Scientist) for its' Regional Cyber Center-Europe program., * Develop, tune, and maintain SIEM detection content including correlation rules, alerts, and watch-lists in Elastic and/or Splunk to improve threat detection fidelity across CSSP monitoring systems
- Design and build automated data analytics pipelines that ingest, normalize, and process large volumes of security telemetry to support real-time and historical threat analysis
- Create custom algorithms and machine learning models for anomaly detection, behavioral base-lining, and advanced threat identification within DoD network environments
- Develop interactive dashboards and data visualizations in Kibana, Splunk, or similar platforms that provide actionable situational awareness for analysts and leadership
- Conduct metrics analysis to measure CSSP operational performance, detection coverage, and response effectiveness, producing regular reports for program management and government stakeholders
- Support threat intelligence content development by translating finished intelligence products into actionable SIEM queries, detection signatures, and automated response playbooks
Requirements
Do you have experience in TensorFlow?, Do you have a Bachelor's degree?, * 5 years of data science, analytics, or SIEM content development experience with a Bachelor's degree in a STEM field or Business Administration; 11 years of relevant experience may substitute for degree.
- Must meet TESA Qualifications.
- DoD 8140 - Cybersecurity (Cyber Defense Analyst) - Intermediate
- Certifications - must hold active certifications (one of the following):
- GDAT (GIAC Defending Advanced Threats); OR
- GDSA (GIAC Defensible Security Architecture); OR
- Elastic Certified Analyst or Engineer; OR
- ArcSight Enterprise Security Manager Advanced Analyst Certified Expert; OR
- Microsoft Certified: Cybersecurity Architect Expert; OR
- Azure DevOps Engineer Expert; OR
- TCM Security PNPT
- U.S. citizenship required
- Active DoD TS/SCI clearance
Preferred:
- Deep expertise with Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) for SIEM content development and data pipeline management
- Proficiency with Splunk SPL for advanced search, correlation rule development, and dashboard creation
- Strong Python skills for data processing, algorithm development, and automation scripting
- Familiarity with machine learning frameworks (e.g., scikit-learn, TensorFlow) for anomaly detection use cases
- Experience with Kibana or Grafana for building operational security dashboards and visualizations
- Knowledge of KQL (Kusto Query Language) for Microsoft Sentinel or Azure Log Analytics environments
- Familiarity with ArcSight ESM for content development and event correlation in enterprise environments
- Experience with threat intelligence platforms (e.g., MISP, OpenCTI) for converting intelligence into detection content
Benefits & conditions
Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.