Sr. Security Engineer in New Carrollton, MD at honor foundations

Date Posted: 9/13/2024

Job Description

Zachary Piper Solutions is seeking a Sr. Cyber Security Engineer to join our Cyber Threat Fusion Center (CFTC) team supporting the IRS. This is a HYBRID position reporting to New Carrollton, MD a few times per month. The Sr. Cyber Security Engineer will be responsible for developing, optimizing, and managing SIEM (Splunk), IDS, and HIDS/HIPS solutions to protect the organization's networks from cyber threats. Candidates must be able to obtain a US Public Trust.

Responsibilities Include:

  • Design, develop, and maintain SIEM (Splunk), IDS, and HIDS/HIPS content, including rules, alerts, dashboards, and reports to identify and mitigate cybersecurity threats.
  • Analyze network and security event data from various sources to identify threats, vulnerabilities, and trends.
  • Collaborate with cybersecurity analysts and incident responders to refine detection mechanisms and improve response times.
  • Integrate threat intelligence feeds into SIEM/IDS/HIDS/HIPS solutions to enhance threat detection capabilities.
  • Conduct advanced threat-hunting activities to proactively identify potential security incidents.
  • Provide technical leadership and mentorship to junior team members.

Requirements:

  • Minimum of 10 years of experience in a similar role focusing on rules, alerts, and correlation content for Splunk and the FireEye suite of tools, including HX and PX
  • Bachelor's degree in Computer Science or a related field
  • Proficient in scripting languages for automation and content development (PowerShell, Python)
  • Experience with IDS solutions
  • Ability to obtain an IRS Public Trust clearance.

Compensation Includes: $120,000 - $145,000 annually, commensurate with experience. PTO, Paid Holidays, Health, Dental, Vision, 401K, etc.

Keywords: Cybersecurity, Incident Response, Splunk, Packet Capture, Network Forensics, Threat Hunting, Intrusion Detection, Log Analysis, SIEM (Security Information and Event Management), Malware Analysis, Network Traffic Analysis, Forensic Analysis, Threat Intelligence, Security Operations Center (SOC), Vulnerability Assessment, IDS/IPS (Intrusion Detection System/Intrusion Prevention System), PCAP Analysis, Network Security, Anomaly Detection, Endpoint Detection and Response (EDR), Cyber Threats, Cyber Attack, Threat Mitigation, Forensic Investigation, Digital Forensics, Security Incident, Data Breach, Advanced Persistent Threat (APT), Insider Threat, Security Policies, Compliance Management, Security Architecture, Security Operations, Incident Handling, Network Security Monitoring (NSM), Security Awareness Training, Security Risk Assessment, Threat Intelligence Platforms (TIP), Security Analytics, Insider Threat Detection, correlation, rules, content, rules correlation, snort rules, splunk rules