Zachary Piper
Principal Cyber Detection Engineer (CI Poly)
Zachary Piper, Denver, Colorado, United States, 80285
Overview
Zachary Piper Solutions is seeking a Principal Cyber Detection Engineer (SIEM) to support a classified Intelligence program in Denver, CO. The team is seeking a security engineer to create and deploy threat-based signatures for operational intrusion detection capabilities for the Cybersecurity Operations Center (CSOC). Clearance:
Active TS / SCI CI Polygraph Clearance Location:
Denver, CO (100% on-site) This job opens for applications on 9 / 22 / 2025. Applications for this job will be accepted for at least 30 days from the posting date. Responsibilities
Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems. Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk. Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS / IPS signatures to counter specific threats. Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats. Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs. Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies. Analyze network traffic and system data to detect anomalies and potential security threats. Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations. Create and implement detection rules. Qualifications
Active TS / SCI CI Polygraph required to be considered. Bachelor’s degree from an accredited college in a related discipline and 10+ years of prior relevant experience. IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required. Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms. Experienced with enterprise-grade security tools, such as SIEM systems (specifically Splunk), Threat Intelligence Platforms (TIPs), and network monitoring solutions. Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules. Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience. Compensation
Total compensation based on experience level - $170,000-$185,000+ Based on experience level Full Benefits: PTO, 11 Paid Holidays, Cigna Medical, Dental, and Vision, 401k with ADP Certification reimbursement Contract mobility and job stability – Contract through 2026 Keywords:
cyber, NIST, network, networking, IDS, SIEM, SOAR, PCAP, Snort, signatures, rules, packet capture, malware, ISE, XML, Perl, Cisco, vulnerability management, NESSUS, NMAP, Wireshark, STIGs, CND, DOD, Chantilly, Virginia, on-site, on site, cybersecurity, threat analysis, trend analysis, threat hunting, information assurance, security clearance, CII polygraph, top secret
#J-18808-Ljbffr
Zachary Piper Solutions is seeking a Principal Cyber Detection Engineer (SIEM) to support a classified Intelligence program in Denver, CO. The team is seeking a security engineer to create and deploy threat-based signatures for operational intrusion detection capabilities for the Cybersecurity Operations Center (CSOC). Clearance:
Active TS / SCI CI Polygraph Clearance Location:
Denver, CO (100% on-site) This job opens for applications on 9 / 22 / 2025. Applications for this job will be accepted for at least 30 days from the posting date. Responsibilities
Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems. Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk. Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS / IPS signatures to counter specific threats. Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats. Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs. Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies. Analyze network traffic and system data to detect anomalies and potential security threats. Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations. Create and implement detection rules. Qualifications
Active TS / SCI CI Polygraph required to be considered. Bachelor’s degree from an accredited college in a related discipline and 10+ years of prior relevant experience. IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required. Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms. Experienced with enterprise-grade security tools, such as SIEM systems (specifically Splunk), Threat Intelligence Platforms (TIPs), and network monitoring solutions. Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules. Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience. Compensation
Total compensation based on experience level - $170,000-$185,000+ Based on experience level Full Benefits: PTO, 11 Paid Holidays, Cigna Medical, Dental, and Vision, 401k with ADP Certification reimbursement Contract mobility and job stability – Contract through 2026 Keywords:
cyber, NIST, network, networking, IDS, SIEM, SOAR, PCAP, Snort, signatures, rules, packet capture, malware, ISE, XML, Perl, Cisco, vulnerability management, NESSUS, NMAP, Wireshark, STIGs, CND, DOD, Chantilly, Virginia, on-site, on site, cybersecurity, threat analysis, trend analysis, threat hunting, information assurance, security clearance, CII polygraph, top secret
#J-18808-Ljbffr