Job ID: 2508288 Location: REMOTE WORK, TN, US Date Posted: 2025-08-05 Category: Cyber Subcategory: Cybersecurity Spec Schedule: Full-time Shift: Day Job Travel: No Minimum Clearance Required: None Clearance Level Must Be Able to Obtain: Secret Potential for Remote Work: Yes Description We provide advanced cybersecurity monitoring and engineering support to a wide range of government agencies through a multi-tenant MSS model. Our Security Operations Center (SOC) operates 24/7, leveraging Microsoft Sentinel as the core SIEM platform. However, we increasingly support hybrid and multi-cloud environments including AWS and Splunk, and we are seeking a cloud-savvy SIEM engineer to help us grow and maintain secure, scalable monitoring capabilities. As a SOC SIEM/Cloud Engineer, you will serve as one of the primary engineers for multi-cloud SIEM operations in a managed security services environment. While Microsoft Sentinel remains our core SIEM platform, you will also support AWS-native security tooling and Splunk-based environments. This role emphasizes cross-cloud log ingestion, automation, and security detection engineering. Candidates must be self-directed, security-minded, and comfortable designing scalable monitoring strategies across diverse architectures. This is a remote position, but Secret clearance eligibility is required to support future classified operations, as needed. KEY RESPONSIBILITIES: SIEM Operations & Cloud Integration • Administer and optimize SIEM platforms including Microsoft Sentinel, Splunk, and AWS-native tools such as CloudWatch, CloudTrail, GuardDuty, and Security Hub. • Manage log ingestion pipelines from hybrid, cloud, and containerized environments. • Design alert rules, detection use cases, and enrichment pipelines using KQL, SPL, and JSON-based event structures. Security Automation • Build and maintain automation workflows using Azure Logic Apps, Splunk SOAR, and AWS Lambda/Step Functions. • Integrate threat intelligence, reputation feeds, and context enrichment across cloud platforms. • Partner with SOC analysts to streamline Tier 1-2 response efforts through smart automation. Multi-Cloud Design & Support • Act as the subject matter expert on cloud security logging and architecture for Azure, AWS, and hybrid environments. • Advise customers and internal teams on best practices for telemetry, logging policy, and compliance alignment (e.g., FedRAMP, CJIS, NIST 800-53). • Lead or support onboarding of cloud workloads including EC2, EKS, Lambda, Azure VMs, Kubernetes, and M365C environments. Qualifications Required Qualifications • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field • 3-5+ years of SIEM engineering experience across multi-cloud environments (Azure, AWS) • Hands-on experience with Microsoft Sentinel, AWS Security Services, and Splunk • Experience creating alerts and detection rules in KQL, SPL, and JSON-based formats • Familiarity with automation tools such as Logic Apps, Splunk SOAR, AWS Lambda, or Step Functions • Strong scripting knowledge (PowerShell, Python, or Bash) Preferred Qualifications • Active Secret clearance or higher • Microsoft Certifications: SC-200, AZ-500 • AWS Certifications: Security Specialty, Solutions Architect Associate or Pro • Splunk Certifications: Admin, Power User • Experience with cloud container security (EKS, AKS, Kubernetes auditing) • Experience in multi-tenant MSSP environments or government contracts • Familiarity with large language models (LLMs), GenAI, or agentic AI frameworks for use in cybersecurity operations What We Offer • Fully remote work with flexibility and work-life balance • Opportunity to contribute to classified operations with additional clearance • Competitive compensation and benefits • Training and certification assistance • Stable, mission-driven cybersecurity work supporting state and federal government agencies Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors. SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see .