This role supports U.S. Federal Government contracts requiring United States citizenship and involves protecting enterprise and government SaaS environments under strict security boundaries
Job Summary
This role supports U.S. Federal Government contracts requiring United States citizenship and involves protecting enterprise and government SaaS environments under strict security boundaries.
The engineer is responsible for engineering high-fidelity detection logic using Splunk and cloud-native telemetry to reduce adversary dwell time across regulated cloud environments.
Workday offers a competitive salary range, flexible work arrangements requiring at least 50% time in-office or field, and a culture rooted in integrity and shared enthusiasm.
Matching Summary
This role supports U.S. Federal Government contracts requiring United States citizenship and involves protecting enterprise and government SaaS environments under strict security boundaries.
Salary
Base: $159,600 - $239,400 USD; Bonus/Equity: Eligible for Workday Bonus Plan and annual refresh stock grants; Benefits: Comprehensive benefits package including flexible work options
Skills & Requirements
Must-have
Splunk correlation searches and SPL development
AWS CloudTrail GuardDuty Inspector VPC Flow Logs
FedRAMP High and DoD IL5 compliance frameworks
MITRE ATT&CK mapping and NIST SP 800-61r3
Hypothesis-driven threat hunting in SaaS
Nice-to-have
Experience with air-gapped environment constraints
Strong understanding of identity-based attack vectors
Familiarity with secure logging architectures
Experience leveraging SOAR platforms like Tines
Collaboration with Red/Purple/Blue teams
Key Requirements
6+ years experience in cybersecurity operations or detection engineering
Bachelor's degree in Cybersecurity, Computer Science, Engineering, or equivalent
Ability to obtain and maintain TS/SCI w/CI Poly security clearance
Must be a United States citizen (naturalized or native)