SIEM Content Developer
Northern Technologies Group, Inc.
Yesterday
Top Secret
Unspecified
Unspecified
IT - Software
Columbus, OH (ON-SITE/OFFICE)
Description
Locations: Columbus, OH | Fort Belvoir, VA | Battle Creek, MI
Position Summary
Northern Technologies Group, Inc. (NTG), an SBA-certified 8(a) small business, is committed to delivering high-quality IT and cybersecurity solutions to federal customers. We are actively pursuing new opportunities to support a Department of Defense customer's cybersecurity mission. This position is part of a proposal effort and is contingent upon contract award. All offers and compensation will be determined based on contract terms and candidate qualifications.
NTG is seeking an experienced SIEM Content Developer to join our cyber defense team supporting a Department of Defense customer. You will work within a 24/7 security operations center, conducting live threat detection, analysis, and coordinated response across complex environments.
Essential Duties and Responsibilities
Design and implement SIEM rules and correlation logic aligned with MITRE ATT&CK and threat intelligence.
Develop and fine-tune detections and alerts to minimize false positives while maximizing visibility.
Create and maintain dashboards, visualizations, and reports that support SOC operations.
Integrate diverse log sources and validate data normalization across the enterprise.
Leverage scripting languages such as PowerShell to enhance automation and detection capabilities.
Collaborate with incident response analysts and threat hunters to support investigations and threat analysis.
Document detection logic, configuration changes, and tuning actions in a structured and repeatable format.
Requirements
Minimum Qualifications (Knowledge, Skills, and Abilities)
Active and current Top Secret federal security clearance
5+ years of experience in IT with at least 3 years of hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Trellix)
Minimum of 3 years in systems or network administration roles
DoD 8570/8140 IAT Level II (e.g., CompTIA Security+ CE, CySA+, GSEC, SSCP)
CSSP-IR (Incident Responder) (e.g., CEH, CFR, GCFA, GCIH, SCYBER, or CYSA+)
CND-CE certification within 6 months of hire
Strong knowledge of SPL (Search Processing Language), PowerShell, and log correlation techniques
Experience with the MITRE ATT&CK framework and security event analysis
Preferred Qualifications (Knowledge, Skills, and Abilities)
Prior experience supporting DLA, DISA, or other defense agencies
Background in security automation, threat intelligence integration, or SOAR tools
Experience with Trellix (McAfee), Microsoft Sentinel, or Splunk ES in federal environments
Important Note
This position is part of a proposal effort and is contingent upon contract award. All offers and compensation will be determined based on contract terms and candidate qualifications.
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions.
While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.
Northern Technologies Group is an equal opportunity employer. We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law.
Travel
Up to 10%
Shift
Hours and shift determined by location.
Note
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
GROUP ID: 10432548
R
Recruiter
Northern Technologies Group, Inc.
Yesterday
Top Secret
Unspecified
Unspecified
IT - Software
Columbus, OH (ON-SITE/OFFICE)
Description
Locations: Columbus, OH | Fort Belvoir, VA | Battle Creek, MI
Position Summary
Northern Technologies Group, Inc. (NTG), an SBA-certified 8(a) small business, is committed to delivering high-quality IT and cybersecurity solutions to federal customers. We are actively pursuing new opportunities to support a Department of Defense customer's cybersecurity mission. This position is part of a proposal effort and is contingent upon contract award. All offers and compensation will be determined based on contract terms and candidate qualifications.
NTG is seeking an experienced SIEM Content Developer to join our cyber defense team supporting a Department of Defense customer. You will work within a 24/7 security operations center, conducting live threat detection, analysis, and coordinated response across complex environments.
Essential Duties and Responsibilities
Design and implement SIEM rules and correlation logic aligned with MITRE ATT&CK and threat intelligence.
Develop and fine-tune detections and alerts to minimize false positives while maximizing visibility.
Create and maintain dashboards, visualizations, and reports that support SOC operations.
Integrate diverse log sources and validate data normalization across the enterprise.
Leverage scripting languages such as PowerShell to enhance automation and detection capabilities.
Collaborate with incident response analysts and threat hunters to support investigations and threat analysis.
Document detection logic, configuration changes, and tuning actions in a structured and repeatable format.
Requirements
Minimum Qualifications (Knowledge, Skills, and Abilities)
Active and current Top Secret federal security clearance
5+ years of experience in IT with at least 3 years of hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, Trellix)
Minimum of 3 years in systems or network administration roles
DoD 8570/8140 IAT Level II (e.g., CompTIA Security+ CE, CySA+, GSEC, SSCP)
CSSP-IR (Incident Responder) (e.g., CEH, CFR, GCFA, GCIH, SCYBER, or CYSA+)
CND-CE certification within 6 months of hire
Strong knowledge of SPL (Search Processing Language), PowerShell, and log correlation techniques
Experience with the MITRE ATT&CK framework and security event analysis
Preferred Qualifications (Knowledge, Skills, and Abilities)
Prior experience supporting DLA, DISA, or other defense agencies
Background in security automation, threat intelligence integration, or SOAR tools
Experience with Trellix (McAfee), Microsoft Sentinel, or Splunk ES in federal environments
Important Note
This position is part of a proposal effort and is contingent upon contract award. All offers and compensation will be determined based on contract terms and candidate qualifications.
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions.
While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate.
Northern Technologies Group is an equal opportunity employer. We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law.
Travel
Up to 10%
Shift
Hours and shift determined by location.
Note
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
GROUP ID: 10432548
R
Recruiter
Job ID: 482683810
Originally Posted on: 6/25/2025
Want to find more Publishing opportunities?
Check out the 8,062 verified Publishing jobs on iHirePublishing
Similar Jobs
Sign Up for Job Alerts
