Overview
On Site
USD 55.00 - 80.00 per hour
Full Time
Skills
Security Clearance
Cyber Security
Spectrum
SPL
IaaS
Kubernetes
Docker
Workflow
Regulatory Compliance
Standard Operating Procedure
SOP
Documentation
Log Analysis
Reporting
Incident Management
System On A Chip
Cloud Computing
Splunk
Threat Analysis
Management
IDS
IPS
Optimization
Communication
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Google Cloud
Cloud Security
SANS
DoD
Information Retrieval
International Relations
Investor Relations
Microsoft Windows
Training
Taxes
Life Insurance
Collaboration
Partnership
Business Transformation
Law
Job Details
Description
Detection Engineer Cloud SME
Secret Clearance, with ability to obtain TS/SCI
Position Description:
The Detection Engineer is responsible for designing, developing, and implementing detection mechanisms to identify cyber threats within a Cybersecurity Service Provider (CSSP) environment. The role focuses on creating and managing IDS/IPS signatures, log correlation rules, and other detection tools based on indicator lifecycle analysis. The Detection Engineer collaborates with Defensive Cyber Operations (DCO) Watch Analysts and other teams to ensure timely and effective threat detection, adhering to CJCSM 6510.01B reporting requirements and supporting the CSSP's mission to protect data across a wide spectrum of sources and locations.
Position Requirements and Duties:
Act as the primary SME for cloud log sources, designing efficient detections across multi-cloud environments (Gov. Cloud, AWS, Azure, Google Cloud Platform, etc).
Design and implement detection logic (KQL, EQL, and/or SPL) tailored to cloud-native threats and cloud infrastructure (e.g., containers like Kubernetes, Docker, etc.).
Analyze threat intelligence to create and refine detection mechanisms tailored to the customer's environment
Validate and test detection rules to ensure accuracy, minimize false positive and benign positive matches, and enhance threat identification capabilities
Collaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflows
Maintain and update detection tools and signatures in response to evolving threats, ensuring compliance with CJCSM 6510.01B and other applicable directives
Compile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processes
Perform log analysis of Splunk and Elastic to support detection development and validation
Coordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligence
Participate in program reviews, product evaluations, and onsite certification evaluations to assess detection tool efficacy
Overtime may be required to support detection implementation or incident response actions (Surge)
Up to 10% travel may be required
Minimum Qualifications:
Bachelor's Degree in relevant discipline and 5 years or at least 8 years of experience working in a CSSP, SOC, or similar environment
2+ years of experience with signature development, detection logic creation and optimization on multiple platforms
Desired Qualifications:
Deep technical expertise in major cloud provider security models, services, and logs (Gov. Cloud, AWS, Azure, Google Cloud Platform, etc.).
Experience working with and developing signatures for Splunk and Elastic
Experience with threat intelligence platforms and indicator management
Proficient knowledge of detection creation and implementation processes
Expertise in IDS/IPS solutions, including signature development and optimization
Strong understanding of the indicator lifecycle, including initial discovery, development, operational maturity, and long-term sustainment
Effective verbal and written communication skills
Ability to solve complex problems independently
Preferred certifications: AWS Certified Security, Azure Security Engineer Associate, Google Cloud Platform Professional Cloud Security Engineer, or equivalent SANS GIAC certifications.
Required Certifications:
Must have requisite certifications to fulfill DoD 8570 IAT Level II and CSSP-specific requirements
Additional Skills & Qualifications
Must be IAT II and CND IR compliant. Will be required to obtain Windows OS cert - Fed VTE skill soft training with fulfill requirement (Free)
Job Type & Location
This is a Contract position based out of Charleston, SC.
Pay and Benefits
The pay range for this position is $55.00 - $80.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long-term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Charleston,SC.
Application Deadline
This position is anticipated to close on Dec 19, 2025.
>About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Detection Engineer Cloud SME
Secret Clearance, with ability to obtain TS/SCI
Position Description:
The Detection Engineer is responsible for designing, developing, and implementing detection mechanisms to identify cyber threats within a Cybersecurity Service Provider (CSSP) environment. The role focuses on creating and managing IDS/IPS signatures, log correlation rules, and other detection tools based on indicator lifecycle analysis. The Detection Engineer collaborates with Defensive Cyber Operations (DCO) Watch Analysts and other teams to ensure timely and effective threat detection, adhering to CJCSM 6510.01B reporting requirements and supporting the CSSP's mission to protect data across a wide spectrum of sources and locations.
Position Requirements and Duties:
Act as the primary SME for cloud log sources, designing efficient detections across multi-cloud environments (Gov. Cloud, AWS, Azure, Google Cloud Platform, etc).
Design and implement detection logic (KQL, EQL, and/or SPL) tailored to cloud-native threats and cloud infrastructure (e.g., containers like Kubernetes, Docker, etc.).
Analyze threat intelligence to create and refine detection mechanisms tailored to the customer's environment
Validate and test detection rules to ensure accuracy, minimize false positive and benign positive matches, and enhance threat identification capabilities
Collaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflows
Maintain and update detection tools and signatures in response to evolving threats, ensuring compliance with CJCSM 6510.01B and other applicable directives
Compile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processes
Perform log analysis of Splunk and Elastic to support detection development and validation
Coordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligence
Participate in program reviews, product evaluations, and onsite certification evaluations to assess detection tool efficacy
Overtime may be required to support detection implementation or incident response actions (Surge)
Up to 10% travel may be required
Minimum Qualifications:
Bachelor's Degree in relevant discipline and 5 years or at least 8 years of experience working in a CSSP, SOC, or similar environment
2+ years of experience with signature development, detection logic creation and optimization on multiple platforms
Desired Qualifications:
Deep technical expertise in major cloud provider security models, services, and logs (Gov. Cloud, AWS, Azure, Google Cloud Platform, etc.).
Experience working with and developing signatures for Splunk and Elastic
Experience with threat intelligence platforms and indicator management
Proficient knowledge of detection creation and implementation processes
Expertise in IDS/IPS solutions, including signature development and optimization
Strong understanding of the indicator lifecycle, including initial discovery, development, operational maturity, and long-term sustainment
Effective verbal and written communication skills
Ability to solve complex problems independently
Preferred certifications: AWS Certified Security, Azure Security Engineer Associate, Google Cloud Platform Professional Cloud Security Engineer, or equivalent SANS GIAC certifications.
Required Certifications:
Must have requisite certifications to fulfill DoD 8570 IAT Level II and CSSP-specific requirements
Additional Skills & Qualifications
Must be IAT II and CND IR compliant. Will be required to obtain Windows OS cert - Fed VTE skill soft training with fulfill requirement (Free)
Job Type & Location
This is a Contract position based out of Charleston, SC.
Pay and Benefits
The pay range for this position is $55.00 - $80.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long-term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Charleston,SC.
Application Deadline
This position is anticipated to close on Dec 19, 2025.
>About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.