Day Shift Threat Detection Engineer Jobs in Alabama

Position Title: Cyber Capability Developer-Senior

Position Location: Redstone Arsenal

Position Type: Full-Time, On-Site

Position Overview

We are seeking an experienced Senior Cyber Capability Developer to support advanced cyber threat detection, analysis, and response operations in Huntsville, AL. This role focuses on designing, engineering, and optimizing cybersecurity detection capabilities and analytics using enterprise security platforms, cyber threat intelligence, and automation technologies to defend mission-critical systems.

The ideal candidate brings deep technical expertise across threat detection engineering, SIEM/SOAR platforms, forensic analysis, and cloud environments, with a strong background supporting classified or government cyber operations.

Key Responsibilities

• Engineer, develop, and deploy cybersecurity threat detection capabilities, alerts, and analytics across enterprise environments
• Design, implement, and optimize security detections and dashboards using Splunk SPL and Microsoft Sentinel
• Perform Splunk backend engineering, including log and data onboarding, ingestion pipelines, visualization, testing, and validation
• Leverage cyber threat intelligence to improve detection logic, reduce false positives, and enhance analytic fidelity
• Design, implement, and optimize cybersecurity data pipelines to support monitoring, analytics, and response workflows
• Implement, operate, maintain, and optimize Security Orchestration, Automation, and Response (SOAR) tools and platforms
• Establish data baselines and detect anomalous or malicious activity across network, endpoint, and cloud environments
• Perform advanced cyber threat analysis, including malware analysis, network traffic analysis, and host-based forensics
• Conduct static and dynamic analysis of known and unknown binary files and reverse engineer compiled software
• Support memory, disk, and network forensic investigations in classified cyber threat environments
• Develop and maintain capabilities across multiple environments, including on-premises and cloud infrastructures
• Collaborate with cross-functional cyber and software development teams in agile or DevSecOps environments

Required Qualifications

• Active Top Secret (TS) security clearance
• Bachelors degree (BS or BA) in Cybersecurity, Computer Science, Engineering, or a related field
• Significant experience in cyber threat detection engineering, alert and analytics development, display, and deployment
• Proficiency in Splunk Search Processing Language (SPL)
• Hands-on experience with Splunk and Microsoft Sentinel
• Experience with data sourcing, integration, and analysis to establish baselines and identify anomalies
• Experience implementing, operating, and optimizing SOAR systems and tools
• Experience engineering and maintaining cybersecurity solutions within Linux environments
• Minimum of(8) years of experience, including Bash, PowerShell, Python, SQL, and Java
• Cloud engineering experience, including AWS and Azure GovCloud environments

Preferred Certifications

• GIAC Continuous Monitoring Certification (GMON)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Network Forensic Analyst (GNFA)

Preferred Experience

• Professional experience supporting cyber intrusion detection and response operations
• Experience with malware reverse engineering and functional analysis of source code and scripts
• Experience analyzing technical data within advanced cyber threat environments
• Experience working in team-based software development or cyber operations environments

CULTURE REQUIREMENTS:

• Engineers, Analysts, and Developers at Cintel, Inc. are highly motivated, technical, and selforganized. We place a lot of trust in our team members to develop technical solutions for illdefinedproblems (i.e. thrive in an environment where the problem is vague, requirements are lacking, and a solution is not obvious). We need problem solvers.
• We want our team members to be selfmotivated and eager to learn new skills. If you consider yourself a jackofalltrades, and are eager to keep up with the latest trends in technology,youll fit right in.

ABOUT CINTEL, INC:

Cintel Inc. is a Small Business providing strategies and services to support an array of Government clients in Software Development, Operational/Tactical and Installation/Facilities Energy, Cyber Security, Modeling and Simulation, Data Science, and Programmatic support.

We offer our clients nimble, unique, and value focused solutions with an emphasis on people, connectivity, communication, and teamwork. Our team believes that people drive solutions. By connecting people, information, teams, and experience we deliver solutions that respond to customer needs.

It is the policy of Cintel that all persons are entitled to equal employment opportunity regardless of their race, color, religion, sex (including gender identity, sexual orientation, and pregnancy), national origin, age (40 or older), disability, genetic information, or veteran status. These policies shall ensure that the practice of nondiscrimination will be applied in the employment, promotion, upgrading, demotion, transfer, layoff, termination, recall or rehire of personnel. Equal employment opportunity applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation, and training.

Cintel, Inc. expressly prohibits any form of unlawful employee harassment or discrimination based on any of the characteristics mentioned above. Improper interference with the ability of other employees to perform their expected job duties is not tolerated.