Job Type: Full-time
Description
*This position is contingent upon a future opening with Gunnison.
Salary: $145,000 - $155,000/year
Work Location: Hybrid. 4 days/week on site in Washington, DC
- Lead detection engineering activities supporting cybersecurity monitoring and defense for the federal customer
- Oversee the full lifecycle of detection development, including research, testing, deployment, tuning, and maintenance
- Research emerging threats, adversary capabilities, and attack methodologies to improve detection coverage
- Develop, validate, and deploy SIEM detections, correlation rules, and analytic workflows
- Manage and maintain risk-based alerting frameworks to prioritize critical threats
- Conduct regular reviews of alert performance, including analysis of false positives and tuning opportunities
- Document detection logic, configurations, and implementation procedures
- Collaborate with threat hunting, intelligence, and incident response teams to operationalize threat insights
- Develop new detections in response to emerging threats, vulnerabilities, and operational priorities
- Ensure timely implementation of critical detections within defined SLAs
- Evaluate new telemetry sources and security alerts for detection value and operational impact
- Track detection changes and enhancements through Agile workflows and ticketing systems
- Produce operational reports summarizing detection performance and improvements
- Maintain configuration management and documentation repositories
- Recommend improvements for telemetry collection, log visibility, and monitoring effectiveness
- Coordinate with Blue Team to incorporate findings from adversary simulations and exercises
- Deliver briefings and reports to technical teams and leadership
- Support transition and operational readiness activities
Requirements
- Bachelor's degree in Computer Science, Information Technology, or related field
- Minimum of 5 years of experience in incident response or SOC operations, including at least 3 years focused on detection engineering, threat hunting, or adversary emulation
- At least 3 years of experience developing hypotheses, querying large datasets, and identifying advanced threat behaviors
- Minimum of 2 years of experience with scripting languages such as Python and PowerShell
- At least 2 years of experience developing detection logic in SIEM platforms such as Splunk Enterprise Security or Microsoft Sentinel
- Certification required: OSCP or GXPN
Clearance Requirement: Ability to obtain and maintain a Public Trust.
The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements.
Gunnison Consulting Group's total compensation package also includes bonus and profit-sharing opportunities, depending on company and employee performance. Available employee benefits include:
- 3 weeks of Personal Leave your first year
- 11 paid Holidays each year
- 5 days of Flexible Time Off each year
- 401(k) company match at 50% up to 10% of your salary
- Medical, Dental and Vision Insurance
- Life and Disability Insurance
- Public Transportation Subsidies
- Certifications and Training Allowance - Up to $5,000/year!