Cyber Capability Developer/Architect (SIEM Engineer)

Evolver Federal is seeking an experienced Cyber Capability Developer/Architect (SIEM Engineer) who will be responsible for developing and maintaining SIEM configurations, enabling advanced detection and response capabilities, and contributing to a proactive security posture across the enterprise.

This is an onsite position based in Huntsville, AL

Responsibilities:

• SIEM Integration & Data Ingestion: Design, develop, and maintain configurations to collect and parse logs and event data for SIEM analysis (e.g., Splunk).
• Alerting & Detection Development: Create and fine-tune custom searches, correlation rules, and alerts to identify and respond to security incidents.
• Use Case Development: Work with SOC analysts to translate security requirements into actionable use cases and detection content.
• Query Optimization: Develop efficient queries and dashboards for real-time threat monitoring and incident investigation.
• Playbook Development: Create and maintain operational playbooks and integrate threat intelligence feeds into SIEM workflows.
• Threat Awareness: Stay current on emerging threats, vulnerabilities, and industry best practices to enhance detection capabilities.
• Configuration Management: Document configurations, update SIEM content regularly, and provide knowledge transfer to team members.
• Forensics Tool Integration: Leverage tools such as the Axiom Forensics Suite to support deeper investigation and forensic analysis.
• Compliance & Security Standards: Ensure all SIEM configurations and activities align with internal policies and regulatory requirements.

Basic Qualifications:

• A Bachelor's Degree in Information Security, Computer Science, or a related field (or 8 years of equivalent work experience)
• Must have an active Top Secret clearance with SCI Eligible or higher
• 10 years of experience in cybersecurity, with expertise in SIEM engineering and threat detection.
• 3 years of experience with log ingestion, correlation rule development, and integration of forensic and threat intelligence tools.
• 3 years of experience with cyber threat landscapes, attack vectors, and incident response methodologies.

Preferred Qualifications:

• An ability to collaborate effectively across multidisciplinary teams and mentor junior engineers.
• One or more of the following certifications:
  • GIAC Continuous Monitoring Certification (GMON)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Cloud Threat Detection (GCTD)
  • GIAC Cloud Forensics Responder (GCFR)
  • GIAC Advanced Smartphone Forensics Certification (GASF)
  • GIAC Mobile Device Security Analyst (GMOB)

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.