CybersecurityJobs.io

Job Description

This contract role seeks a Senior Information Security Engineer focused on threat disruption within the Advanced Operational Services organization. The position offers hybrid work in Charlotte, NC, with potential locations in Chandler, AZ or McLean, VA, and requires GIAC certification. The hourly compensation ranges from USD 75 to 80.

Overview

The role centers on threat disruption within the security operations framework, providing engineering leadership for incident response, phishing disruption efforts, and the implementation of secure controls across networking, cloud, authentication, and endpoint security. This position emphasizes collaboration with internal clients to align projects with corporate information security policies and standards, while delivering practical, repeatable security solutions.

Responsibilities

  • Review and correlate security logs to identify anomalies and support investigations
  • Lead phishing disruption efforts through the development of new logic and procedures to detect attacks affecting customers and employees
  • Manage or contribute to computer security incident response activities for moderately complex events
  • Conduct technical investigations of security incidents and perform post-incident digital forensics to determine causes and inform mitigations
  • Provide security consulting on internal projects to ensure adherence to information security policy and standards
  • Design, document, test, maintain, and propose resolutions for moderately complex security solutions across networking, cryptography, cloud, authentication, directory services, email, internet, applications, and endpoints
  • Apply subject matter expertise to implement security components such as availability, integrity, confidentiality, risk management, monitoring, incident response, access management, and business continuity
  • Identify vulnerabilities, perform risk assessments, and evaluate remediation options
  • Collaborate with peers and managers to resolve issues and achieve goals

Requirements

  • Minimum 4 years of Information Security Engineering experience, demonstrated through work experience, training, military service, or education

Technologies

  • Splunk
  • SIEM
  • IDS/IPS
  • YARA
  • Regular expressions

Desired Qualifications

  • Advanced information security technical skills
  • Experience detecting and mitigating phishing attacks targeting employees and the company brand
  • Experience creating regular expressions and YARA rules
  • Ability to manage complex issues and develop effective solutions
  • Experience in one or more security disciplines such as information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigations, DMARC, or cyber threat intelligence
  • Capability to operate in a fast-paced, high-demand environment while balancing multiple priorities
  • GIAC certification or related credential
  • Hands-on experience with enterprise security tools including SIEM, IDS/IPS, endpoint security, and email/web security gateways
  • Experience with host and/or network log analysis for incident response or threat hunting
  • Knowledge of offensive security concepts to anticipate adversary techniques
  • Strong operating system and application security hardening practices
  • Analytical mindset with meticulous attention to detail
  • Advanced problem-solving skills enabling long-term solutions to complex challenges
