
SIEM Content Developer

Connected Logistics
Full-time
On-site
Columbus, Ohio, United States
🌐 Digital Marketing

📌 Core Information

🔹 Job Title: SIEM Content Developer

🔹 Company: Connected Logistics

🔹 Location: Columbus, OH

🔹 Job Type: Contractor

🔹 Category: Defense and Space Manufacturing

🔹 Date Posted: May 7, 2025

🔹 Experience Level: 5-10 years

🔹 Remote Status: On-site

🚀 Job Overview

Key aspects of this role include:

  • Developing new threat detection use cases based on emerging threats and threat intelligence research
  • Collaborating with stakeholders to identify critical systems and application components for alerting priorities
  • Enhancing SIEM functionality through custom scripts
  • Improving data feed quality and recommending improvements

ASSUMPTION: This role requires a strong background in cybersecurity and incident response, with a focus on SIEM systems. The ideal candidate will have experience working with various log formats and an understanding of network architecture.

📋 Key Responsibilities

✅ Research and develop new threat detection use cases based on emerging threats, threat intelligence research, and Threat Detection Analyst feedback

✅ Collaborate with stakeholders and cybersecurity tool SMEs to identify gaps in security protection and analytics capabilities

✅ Develop custom scripts to enhance SIEM functionality, review the quality of data feeds, and recommend improvements

✅ Collaborate with stakeholders to identify critical systems and application components to develop alerting priorities and create signatures tailored to individual programs and applications

ASSUMPTION: This role requires strong analytical and problem-solving skills, as well as the ability to work effectively with various stakeholders.

🎯 Required Qualifications

Education: Relevant Bachelor's degree or equivalent experience

Experience: Five (5) years of relevant IT experience, including three (3) years working with a SIEM in a content development or incident response role and three (3) years of system and/or network administration experience

Required Skills:

  • Understanding of various log formats
  • Understanding of the MITRE ATT&CK framework
  • Strong understanding of network architecture
  • Experience developing and maintaining scripts (preferably using PowerShell, Python, or SPL)
  • Understanding of Defense-in-Depth

Preferred Skills:

  • Certifications: Baseline Certification for IT-II and CNDSP/CSSP-IR, and one of the “Computer Network Defense” CE Certifications

ASSUMPTION: While not explicitly stated, having experience with specific SIEM tools (e.g., Splunk, IBM QRadar, or LogRhythm) would be beneficial for this role.

💰 Compensation & Benefits

Salary Range: $90,000 - $120,000 per year (Estimated based on industry standards for a SIEM Content Developer with 5-10 years of experience in the defense industry)

Benefits:

  • Health, dental, and vision insurance
  • 401(k) plan with company match
  • Paid time off (vacation, sick, and holidays)
  • Tuition reimbursement

Working Hours: Full-time, 40 hours per week

ASSUMPTION: The salary range provided is an estimate based on industry standards for similar roles in the defense industry. Actual compensation may vary based on factors such as experience and performance.

📌 Applicant Insights

🔍 Company Context

Industry: Connected Logistics operates in the defense and space manufacturing industry, focusing on automated logistics, decision support, and IT program development.

Company Size: Connected Logistics is a small to mid-sized company with 51-200 employees, providing a more intimate work environment.

Founded: Connected Logistics was founded in 2007 and is headquartered in Huntsville, AL, with additional offices in Springfield, VA.

Company Description:

  • Connected Logistics is a certified Service-Disabled Veteran-Owned Small Business (SDVOSB)
  • They specialize in network-enabled logistics, program management, decision support systems, and lean design of processes and defense technology
  • The company provides direct support to the US Army and Department of Defense

Company Specialties:

  • Automated Logistics
  • Decision Support
  • IT Program Development

Company Website: http://www.logc2.com

ASSUMPTION: Connected Logistics' focus on defense and space manufacturing may require applicants to obtain or maintain specific security clearances.

📊 Role Analysis

Career Level: Mid-level to senior-level position, requiring significant experience in SIEM and incident response

Reporting Structure: This role may report to a Manager or Director of Cybersecurity or a similar position within the organization

Work Arrangement: On-site work arrangement, with the possibility of occasional travel to other Defense Logistics Agency (DLA) locations

Growth Opportunities:

  • Potential career progression into senior roles within the cybersecurity team or related fields
  • Opportunities to work on diverse projects and gain experience with various SIEM tools and technologies
  • Possibility of contributing to the development of new threat detection use cases and enhancing SIEM functionality

ASSUMPTION: As this role is contingent on contract award, there may be opportunities for long-term employment or contract extensions based on performance and project needs.

🌍 Location & Work Environment

Office Type: On-site work environment at DLA locations in Columbus, Ohio, Ft. Belvoir, Virginia, or Battle Creek, MI

Office Location(s): 3990 E. Broad St, Columbus, OH 43213 (Primary location)

Geographic Context:

  • Columbus, OH: A vibrant city with a growing tech industry and a cost of living slightly below the national average
  • Ft. Belvoir, VA: Located near Washington D.C., offering access to various cultural and historical attractions
  • Battle Creek, MI: A mid-sized city with a lower cost of living and a strong manufacturing industry

Work Schedule: Full-time, 40 hours per week, with the possibility of occasional overtime or on-call duties

ASSUMPTION: The work environment may require applicants to maintain specific security clearances and adhere to strict security protocols.

💼 Interview & Application Insights

Typical Process:

  • Online application submission
  • Phone or video screening
  • In-person or virtual interview with the hiring manager and/or team members
  • Background check and security clearance processing
  • Job offer and onboarding

Key Assessment Areas:

  • Technical skills and experience with SIEM systems and incident response
  • Problem-solving and analytical skills
  • Communication and collaboration skills
  • Adaptability and ability to work in a dynamic environment

Application Tips:

  • Highlight relevant experience with SIEM systems and incident response in your resume
  • Tailor your cover letter to demonstrate your understanding of the role and its requirements
  • Prepare for behavioral and technical interview questions focusing on your experience and problem-solving skills

ATS Keywords: SIEM, content development, incident response, system administration, network administration, log formats, MITRE ATT&CK, network architecture, scripting, Defense-in-Depth, DOD Top Secret Clearance, IT-I Critical Sensitive Security Clearance, Computer Network Defense Certifications

ASSUMPTION: The application process may take several weeks to complete due to the requirement for security clearances.

πŸ› οΈ Tools & Technologies

  • SIEM tools (e.g., Splunk, IBM QRadar, LogRhythm)
  • Scripting languages (e.g., PowerShell, Python, SPL)
  • MITRE ATT&CK framework
  • Defense-in-Depth security principles

ASSUMPTION: The specific SIEM tools and technologies used may vary depending on the client's requirements and the organization's standard tools.

👔 Cultural Fit Considerations

Company Values:

  • Customer focus
  • Integrity
  • Innovation
  • Collaboration
  • Accountability

Work Style:

  • Dynamic and fast-paced environment
  • Strong emphasis on teamwork and collaboration
  • Focus on continuous learning and improvement
  • Adaptability to changing priorities and project needs

Self-Assessment Questions:

  • Do you have experience working with SIEM systems and incident response in a defense or related industry?
  • Are you comfortable working in a dynamic and fast-paced environment, with a focus on teamwork and collaboration?
  • Do you possess strong problem-solving and analytical skills, with a demonstrated ability to learn new tools and technologies?

ASSUMPTION: Connected Logistics values employees who are adaptable, innovative, and committed to delivering high-quality results for their clients.

⚠️ Potential Challenges

  • Working with classified or sensitive information, requiring strict adherence to security protocols
  • Managing multiple projects and priorities, with a focus on meeting client deadlines
  • Adapting to changes in project scope or requirements, as the organization works with various clients and contracts
  • Occasional travel to other DLA locations, as needed

ASSUMPTION: The potential challenges associated with this role may vary depending on the specific client and project requirements.

📈 Similar Roles Comparison

  • SIEM Analyst: Focuses more on monitoring and analyzing security events, rather than developing use cases and enhancing SIEM functionality
  • Threat Intelligence Analyst: Primarily responsible for researching and analyzing emerging threats, rather than developing use cases and enhancing SIEM functionality
  • Cybersecurity Engineer: Typically focuses on designing, implementing, and maintaining cybersecurity systems and infrastructure, rather than developing use cases and enhancing SIEM functionality

ASSUMPTION: While these roles share some similarities, the SIEM Content Developer role is unique in its focus on developing threat detection use cases and enhancing SIEM functionality.

πŸ“ Sample Projects

  • Developing a new threat detection use case based on emerging threat intelligence research
  • Enhancing SIEM functionality through custom scripts, improving data feed quality, and recommending improvements
  • Collaborating with stakeholders to identify critical systems and application components for alerting priorities and creating tailored signatures

ASSUMPTION: The specific projects assigned to the SIEM Content Developer may vary depending on the client's requirements and the organization's priorities.

❓ Key Questions to Ask During Interview

  • Can you describe the team structure and how this role fits within the organization's cybersecurity efforts?
  • What are the most significant challenges facing the cybersecurity team, and how can this role contribute to addressing them?
  • How does the organization support the professional development and growth of its employees in cybersecurity roles?
  • What are the primary priorities for this role in the first 90 days, and how will success be measured?
  • How does the organization ensure the security and protection of sensitive information, and what role will this position play in maintaining those standards?

ASSUMPTION: Asking thoughtful and insightful questions during the interview process demonstrates your interest in the role and your commitment to understanding the organization's priorities and goals.

📌 Next Steps for Applicants

To apply for this position:

  • Submit your application through this link
  • Tailor your resume to highlight your relevant experience with SIEM systems, incident response, and other required skills
  • Write a cover letter that demonstrates your understanding of the role and your enthusiasm for the opportunity to contribute to the organization's cybersecurity efforts
  • Prepare for the interview process by researching the organization and its clients, and practicing your responses to common interview questions
  • Follow up with the hiring manager or HR representative within one week of submitting your application to confirm receipt and express your continued interest in the position

⚠️ This job description contains AI-assisted information. Details should be verified directly with the employer before making decisions.