Senior Cyber Capability Developer

Job Description

ECS is seeking a Senior Cyber Capability Developer to work in our Huntsville, AL office. Please Note: This position is contingent upon contract award.

We're seeking a highly skilled Sr Cyber Capability Developer to support cybersecurity operations for the Federal Bureau of Investigation (FBI) in the ESOC. In this role, you will design, develop, and maintain cybersecurity automation, detection, and response capabilities, with a strong emphasis on leveraging Splunk for Security Information and Event Management (SIEM). This role collaborates with ESOC analysts and engineers to enhance security monitoring, incident response, and operational efficiency using Splunk and related technologies.

Key Responsibilities:

• Design, develop, and maintain custom security tools, scripts, and automated workflows to support ESOC operations, with a primary focus on Splunk SIEM integrations.
• Develop, upgrade, and enhance the enterprise SIEM strategy and implementation via Splunk, including data flow diagrams, log management, and alert feed architectures for seamless alert integration.
• Configure Splunk tools, settings, alerts, and notifications to improve security resilience, including implementation of Security Orchestration, Automation, and Response (SOAR) capabilities.
• Create and tune Splunk detection content, including correlation rules, dashboards, and reports for threat detection and compliance monitoring.
• Monitor and analyze security events and alerts in Splunk, conducting detailed investigations to identify and respond to potential security incidents.
• Collaborate with incident response teams, providing technical expertise and developing new detection and response capabilities within Splunk.
• Document development efforts, including system design, standard operating procedures, and user guides for Splunk-based solutions.
• Stay current with emerging cybersecurity threats, trends, and SIEM best practices, and recommend innovative solutions for ESOC integration.
• Mentor junior team members on Splunk development, SIEM best practices, and security automation.
• This role is 100% onsite

Required Skills

• Active Top-Secret Clearance with eligibility for SCI / CI-Poly in compliance with FBI security protocols.
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience).
• Minimum 10 years IT experience, with at least 7 years in cybersecurity and 5 years of hands-on experience with Splunk.
• Strong proficiency in scripting or programming languages (e.g., Python, PowerShell) for Splunk automation and integration.
• Experience developing and tuning SIEM use cases, correlation rules, and alerts in Splunk.
• Solid understanding of network protocols, system logs, and security event correlation.
• Experience working with incident response teams for triage and analysis using Splunk.
• Splunk SIEM architecture and administration
• Security automation and orchestration
• Custom tool and script development for Splunk
• Incident detection and response support using Splunk
• Threat and vulnerability analysis
• Documentation and process improvement

Desired Skills

• Experience with other SIEM or SOAR platforms (e.g., Microsoft Sentinel).
• Advanced cybersecurity certifications (e.g., CISSP, GIAC GMON, GCIH).
• Familiarity with cloud security and containerized environments.
• Experience with EDR/XDR solutions (e.g., Crowdstrike, Palo Alto XDR).

This position offers a unique opportunity to work in a high-security environment, directly supporting national defense and law enforcement initiatives. If you are passionate about securing mission-critical systems and thrive in a fast-paced, high-stakes environment, we encourage you to apply.

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.