SIEM Engineer

Zachary Piper Solutions is seeking a SIEM Engineer to join a leading client in the cybersecurity and defense industry supporting critical security operations. The SIEM Engineer role is a hybrid position requiring onsite presence in Fulton, MD on Tuesdays and Thursdays. This opportunity is best suited for a security professional with strong Splunk expertise, AWS exposure, and experience in SOC or incident response environments who thrives in a fast-paced, mission-driven setting.

• Engineer and enhance Splunk Enterprise Security detections, dashboards, and correlation searches to strengthen threat visibility
• Build and support automation workflows and playbooks within Splunk SOAR to streamline response efforts
• Integrate and normalize diverse security data sources into Splunk while ensuring data quality and performance optimization
• Partner with SOC and engineering teams to refine detection capabilities and improve operational efficiency across the environment
• Lead and support incident investigations, coordinating response actions and contributing to continuous monitoring coverage

• Active Secret Clearance
• Ability to work onsite twice weekly in Fulton, MD – Tuesday and Thursday
• 5+ years of experience in SIEM engineering, SOC operations, or incident response
• Advanced proficiency with Splunk, including writing complex SPL queries and building production-grade dashboards (similar to Ashley Brown-level experience)
• Experience integrating AWS services (such as AWS Security Hub) and other security tools into a centralized SIEM platform
• Strong understanding of data onboarding, CIM normalization, and Splunk knowledge objects, with the ability to operate in high-pressure environments

• $115,000 – 125,000 annually
• Full Comprehensive Benefits:
  Health, Vision, Dental, PTO, Paid Holiday and Sick Leave if Required by Law.