Security Operations Engineer, SIEM

Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 
The Security Operations Engineer will support our Federal customer in Washington DC and their SIEM deployment. They will provide SIEM engineering and operations support for log ingestion, alert correlation, threat detection, and incident response functions. Duties will vary across the complex environment in collaboration with an existing security engineering team.

Work You'll Do:

• Configure and optimize Microsoft Sentinel and other log aggregation platforms
• Tune detection rules, create dashboards, and write custom queries (e.g., KQL)
• Support threat intelligence feed ingestion and enrichment
• Collaborate with ZTA and IR teams on triage and analysis
• Maintain uptime, health, and performance of the SIEM environment
• Log Management: Review of ingestion and normalization of logs, ability to ingest and analyze all common log formats, consulting on log storage method and pricing tier, and consulting on cost management recommendations for log pricing
• Sentinel:  Sentinel management with regularly updated baseline and continuous deployment of updated rules
• Threat Intelligence:  Disburse threat intelligence to key employees and ability to share hardening recommendations and update baseline from lessons learned across full client base
• Staff support:  Educational development – ability to leverage Microsoft partnership and team’s technical knowledge to hold workshops and training on Azure and M365 Cloud Services 
• Continuous Improvement:  Review of Architecture to look for gaps in cybersecurity solution and drive efficiencies in logging and log storage
• Program Management Support
• Automated Response support
• 24x7x365 monitoring of security events
• Incident Handling support

What You've Done:

• 5+ Years of total Security Engineering experience
• 3+ years supporting SIEM platforms (Microsoft Sentinel preferred) in GCC/GCC-H or federal environments
• Proficiency in log parsing, rule creation, alert tuning, and SIEM maintenance
• Familiarity with incident response workflows and SOAR integrations
• Experience with security tools such as Trellix, RSA NetWitness, Zscaler, or Rapid7 a plus
• Strong analytical and documentation skills

What We Offer:

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
• Group Term Life, Short-Term Disability, Long-Term Disability  
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
• Participation in the Discretionary Time Off (DTO) Program  
• 11 Paid Holidays Annually 

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. 
If you want to make an impact, UltraViolet Cyber is the place for you!