2

Full Time Siem Content Developer Jobs (NOW HIRING)

Sr Security Analyst

Scott Air Force Base, IL · On-site

$92K - $121K/yr

Threat Detection Engineering (Analyst-led): Implement and improve log-based and endpoint-based ... Develop and tune SIEM content such as detection rules, machine learning rules, dashboards, and ...

Senior Security Engineer

Fort Belvoir, VA · On-site

$129K - $177K/yr

Maintain and update SIEM content (dashboards, alerts, reports) in alignment with IR playbooks and ... We offer our full-time employees a competitive benefits package to include health, dental, vision ...

Senior Security Engineer

Fort Belvoir, VA

$129K - $177K/yr

Maintain and update SIEM content (dashboards, alerts, reports) in alignment with IR playbooks and ... We offer our full-time employees a competitive benefits package to include health, dental, vision ...

Senior Security Engineer

Fort Belvoir, VA

$129K - $177K/yr

We offer our full-time employees a competitive benefits package to include health, dental, vision ... Maintain and update SIEM content (dashboards, alerts, reports) in alignment with IR playbooks and ...

Fulltime // Permanent Note: If you don't have QRADAR experience, Good SIEM Experience will also ... SIEM Engineer is responsible for supporting the event logging and correlation needs of a large ...

next page

Showing results 1-20

Full Time Siem Content Developer information

See salary details

$29.5K

$116.6K

$129K

How much do full time siem content developer jobs pay per year?

As of Jul 13, 2026, the average yearly pay for full time siem content developer in the United States is $116,615.00, according to ZipRecruiter salary data. Most workers in this role earn between $123,000.00 and $128,000.00 per year, depending on experience, location, and employer.

What is the difference between Full Time Siem Content Developer vs Security Analyst?

AspectFull Time Siem Content DeveloperSecurity Analyst
Primary RoleDevelops and maintains SIEM content, rules, and alertsMonitors security systems, analyzes threats, and responds to incidents
Required SkillsSIEM platforms, scripting, security conceptsThreat detection, incident response, security tools
Work EnvironmentSecurity operations centers, IT teamsSecurity operations centers, incident response teams
CertificationsSecurity+, CEH, CISSP (preferred)Security+, CISSP, GCIH

While both roles focus on cybersecurity, a Full Time Siem Content Developer specializes in creating and managing SIEM rules and content, whereas a Security Analyst focuses on monitoring, analyzing, and responding to security threats. The developer builds the tools for detection, and the analyst uses those tools to protect the organization.

What is a Full Time SIEM Content Developer?

A Full Time SIEM Content Developer is a cybersecurity professional responsible for creating, optimizing, and managing security event and information management (SIEM) rules, use cases, and content. Their work involves developing detection logic, alerts, and reports to identify and respond to security threats within an organization. They collaborate closely with security analysts, engineers, and other IT staff to ensure the SIEM platform effectively detects and helps mitigate cyber risks. This role often requires expertise in scripting, threat intelligence, and knowledge of various log sources and attack techniques.

What are the key skills and qualifications needed to thrive as a Full Time SIEM Content Developer, and why are they important?

To thrive as a Full Time SIEM Content Developer, you need expertise in cybersecurity principles, log analysis, scripting (such as Python or PowerShell), and a degree in computer science or a related field. Familiarity with SIEM platforms like Splunk, IBM QRadar, or ArcSight, as well as certifications such as GIAC or CompTIA Security+, is often required. Strong analytical thinking, problem-solving abilities, and effective communication are crucial soft skills for this role. These skills enable the creation of robust detection content, effective incident response, and clear collaboration with security teams to protect organizational assets.

What are some common challenges faced by Full Time SIEM Content Developers when creating and tuning detection rules?

Full Time SIEM Content Developers often encounter challenges such as managing false positives, adapting detection rules to evolving threats, and ensuring compatibility across various log sources. They must continuously fine-tune and update correlation rules to balance effective threat detection with the minimization of unnecessary alerts. Collaboration with security analysts and incident response teams is essential to validate rule effectiveness and adjust logic based on real-world attack scenarios, making ongoing communication and adaptability crucial for success in this role.
More about Full Time Siem Content Developer jobs
What are the most commonly searched types of Siem Content Developer jobs? The most popular types of Siem Content Developer jobs are:
What job categories do people searching Full Time Siem Content Developer jobs look for? The top searched job categories for Full Time Siem Content Developer jobs are:
Cybersecurity Engineer [JOB ID 20260707]

Cybersecurity Engineer [JOB ID 20260707]

Phoenix Cyber

Washington, DC • On-site

$70K - $130K/yr

Full-time

Posted 6 days ago


Job description

Phoenix Cyber is looking for Cybersecurity Engineers to join our client delivery team.
Requirements:
  • Degree in a STEM related discipline and/or a minimum 5 years of experience
  • Prior experience or support of Security Operations and Incident Response
  • Excellent understanding of Cyber Security Operations and Incident Response processes
  • IT certifications such as CySA, CEH, etc
  • Security clearance required

Nice to have:
  • Demonstrated proficiency in cyber security platforms: SOAR, SIEM, IDS/IPS, DLP, WAF, Endpoint Security
  • Linux administration experience
  • Cloud infrastructure experience (AWS, Google, or Azure)

Responsibilities:
  • Provide technical expertise and real-life experience in creating innovative solutions within the cybersecurity space
  • Candidate will develop, support, tune and deploy security solutions
  • Creates WAF rules to mitigate threats and implement security best practices
  • Develop and enhance SIEM content for Cybersecurity teams, including correlations, enrichments, dashboards, reports, and alerts that appropriately illustrate and characterize web application attacks and mitigation mechanisms
  • Develop and implement automations in response to security incidents
  • Ability to navigate and adapt to a fast-paced ever-changing environment with a team of like-minded, cross-functional individuals

Phoenix Cyber is a national provider of cybersecurity engineering services, operations services, sustainment services and managed security services to organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations team.
Phoenix Cyber is an equal opportunity employer and complies with Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act (VEVRAA), all amendments to these regulations, and applicable executive orders, federal, and state regulations. Applicants are considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, and/or veteran status.
Phoenix Cyber participates in E-Verify to confirm the employment eligibility of all newly-hired employees. To learn more about E-Verify, including your rights and responsibilities, go to https://www.e-verify.gov/