Full Time Job Opportunity - Incident Response Associate Principal / Principal SIEM Engineer - Reston, VA jobs in United States

Scalence L.L.C. · 5 days ago

Scalence L.L.C. is seeking an Incident Response Associate Principal to enhance Insider Threat Monitoring capabilities for their customers. The role involves developing detection logic within SIEM platforms, improving incident response processes, and providing support to the Security Operations team.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Partner with customers to establish and enhance a mature Insider Threat Monitoring capability across Windows, Linux, and containerized environments
Execute a dual mandate within a defined timeframe to:
  - Develop and implement detection logic within the customer’s SIEM platform
  - Support the migration of detection logic, queries, and visualizations to a new SIEM solution
Work with customers to streamline and improve incident response processes
Provide investigation and response support to the Tier 1 Security Operations team
Strengthen the customer’s ability to detect, mitigate, and respond to risks early

Qualification

SIEM platforms, Log telemetry structures, SIEM query languages, Cloud service providers, Data collection pipelines, Dashboards, Active TS/SCI clearance, Incident response, OSINT framework familiarity

Required

Active TS/SCI clearance with polygraph is required
Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related field, along with 10+ years of relevant experience. Additional experience may substitute for a degree
Hands-on experience with SIEM platforms such as Splunk, Kibana, or similar tools
Strong understanding of log telemetry structures and detection logic across Windows, Linux, and containerized environments
Proven experience migrating schema mappings between SIEM solutions
Demonstrated proficiency in SIEM query languages
Experience working with cloud service providers such as AWS, Azure, or Google Cloud
Experience deploying and configuring data collection pipelines from operating systems, network devices, and container platforms
Strong background in building dashboards, analytics, and alerts within SIEM tools
Experience supporting auditing, incident response, and system health monitoring
Familiarity with the OSINT framework and related tools

Company

Scalence L.L.C.

In today’s dynamic and competitive market, success hinges on mastering three key areas: Data Intelligence, Business Resilience, and Digital Experience.