Cyber Detection Engineer; CI Polygraph

Zachary Piper Solutions is seeking a Senior Cyber Detection Engineer (SIEM) to support a classified Intelligence program in Springfield, VA. The team is seeking a security engineer to create and deploy threat-based signatures for operational intrusion detection capabilities for the Cybersecurity Operations Center (CSOC).

Clearance:
Active TS/SCI CI Polygraph Clearance

Location:
Springfield, VA/Chantilly, VA (100% on-site)

This job opens for applications on 6/3/2026. Applications for this job will be accepted for at least 30 days from the posting date

• Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems.
• Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk.
• Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS/IPS signatures to counter specific threats.
• Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats.
• Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs.
• Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies.
• Analyze network traffic and system data to detect anomalies and potential security threats.
• Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations.
• Create and implement detection rules.

• Active TS/SCI CI Polygraph required in order to be considered.
• Bachelor’s degree from an accredited college in a related discipline and 5+ years of prior relevant experience.
• IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required.
• Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms.
• Experienced with enterprise-grade security tools, such as Security Information and Event Management (SIEM) systems specifically Splunk, Threat Intelligence Platforms (TIPs), and network monitoring solutions.
• Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules.
• Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience.

• Total compensation based on experience level - $135,000-$150,000+ (based on experience level).
• Full Benefits: PTO, 11 Paid Holidays, Cigna Medical, Dental, and Vision, 401k with ADP.
• Certification reimbursement.
• Contract mobility and job stability – Contract through 2026.