This role supports U.S. Federal Government contracts requiring personnel to be United States citizens with a TS/SCI w/CI Poly clearance
Job Summary
This role supports U.S. Federal Government contracts requiring personnel to be United States citizens with a TS/SCI w/CI Poly clearance.
The engineer will design detection strategies for high-security SaaS environments including air-gapped regions with limited telemetry pathways.
Workday offers flexible work arrangements allowing teams to spend at least half of their time in the office or field while maintaining remote flexibility.
Matching Summary
This role supports U.S. Federal Government contracts requiring personnel to be United States citizens with a TS/SCI w/CI Poly clearance.
Salary
Base: $159,600 - $239,400 USD; Bonus/Equity: Eligible for Workday Bonus Plan and annual refresh stock grants; Benefits: Comprehensive benefits package available
Skills & Requirements
Must-have
Splunk correlation searches and SPL development
AWS CloudTrail GuardDuty Inspector VPC Flow Logs
FedRAMP High and DoD IL5 compliance frameworks
MITRE ATT&CK mapping and adversary tradecraft
NIST SP 800-61r3 incident response lifecycle
Nice-to-have
Hypothesis-driven threat hunting in SaaS architectures
Identity-based attack vector detection expertise
Container and workload-level attack detection
SOAR platform experience in constrained environments
Secure logging architecture in air-gapped regions
Key Requirements
6+ years of cybersecurity operations or detection engineering experience
Active TS/SCI w/CI Poly security clearance preferred
Bachelor's degree in Cybersecurity, Computer Science, Engineering or equivalent experience
Must be a United States citizen (naturalized or native)