Threat Hunting & Detection Engineer (US Federal)

Workday

McLean, VA, USA
Base: $159,600 - $239,400 USD; Bonus/Equity: Eligi...
Fully remote
Splunk correlation searches and SPL development
FedRAMP High and DoD IL5 regulated environments
AWS CloudTrail, GuardDuty, Inspector, VPC Flow Logs
This role supports U.S. Federal Government contracts requiring personnel to be United States citizens

Job Summary

  • This role supports U.S. Federal Government contracts requiring personnel to be United States citizens.
  • The engineer will develop high-fidelity detection logic across FedRAMP High and IL5 cloud-native SaaS environments using Splunk and AWS telemetry.
  • Workday offers a competitive base salary range of $159,600 to $258,000 USD along with bonus plans and stock grants.

Salary

Base: $159,600 - $239,400 USD; Bonus/Equity: Eligible for Workday Bonus Plan and annual refresh stock grants; Benefits: Comprehensive benefits package available

Skills & Requirements

Must-have

  • Splunk correlation searches and SPL development
  • FedRAMP High and DoD IL5 regulated environments
  • AWS CloudTrail, GuardDuty, Inspector, VPC Flow Logs
  • MITRE ATT&CK mapping and NIST SP 800-61r3
  • Hypothesis-driven threat hunting in SaaS architectures

Nice-to-have

  • Experience with air-gapped environment constraints
  • Strong understanding of identity-based attack vectors
  • Familiarity with secure logging architectures
  • Experience leveraging SOAR platforms like Tines
  • Collaboration with Red/Purple/Blue teams

Key Requirements

  • 6+ years experience in cybersecurity operations or detection engineering
  • Bachelor's degree in Cybersecurity, Computer Science, Engineering, or equivalent
  • Active TS/SCI w/CI Poly security clearance preferred
  • Must be a United States citizen (naturalized or native)

Work Rights

Must have US citizenship