Immediate Interview || SIEM Content Developer || Remote

Overview

Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - Long term

Skills

Python
SIEM

Job Details

Job title SIEM Content Developer

Location Remote

Contract 12+ months

Must Have Skills

SIEM

LogRhythm

Python

We are seeking a skilled and motivated SIEM Content Developer to join our cybersecurity team.

The ideal candidate will have hands-on experience with SIEM platforms and a strong understanding of security operations, incident response, and log analysis.

This role is critical in enhancing our threat detection capabilities and ensuring the integrity of our security monitoring infrastructure.

Key Responsibilities:

Design, develop, and optimize SIEM content including correlation rules, dashboards, alerts, and reports using platforms such as LogRhythm, Splunk, QRadar, McAfee ESM, or similar.

Analyze and normalize log data from various sources to ensure effective SIEM ingestion and parsing.

Collaborate with security operations and incident response teams to identify detection gaps and develop new use cases.

Perform threat modeling and create detection logic for various attack techniques and tactics.

Maintain and improve existing SIEM rules and content to reduce false positives and enhance detection accuracy.

Conduct regular reviews of log sources to ensure completeness and relevance for security monitoring.

Support incident handling and response efforts by providing actionable insights and forensic data from SIEM.

Stay current with emerging threats, vulnerabilities, and attack vectors to proactively update detection content.

Required Qualifications:

Proven experience in SIEM content development using one or more platforms (e.g., LogRhythm, Splunk, QRadar, McAfee ESM).

Strong understanding of log formats, log source onboarding, and data normalization.

Solid background in Windows and Linux system administration or security.

Hands-on experience in incident handling, security analytics, or threat detection.

Good grasp of networking fundamentals and common cyberattack techniques (e.g., the MITRE ATT&CK framework).

Familiarity with various security controls and their application in enterprise environments.

Preferred Skills:

Experience with scripting languages (e.g., Python, PowerShell) for automation and data manipulation.

Knowledge of threat intelligence platforms and integration with SIEM.

Certifications such as GCIA, GCIH, CEH, or Splunk Certified Professional are a plus.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Amaze Systems Inc