1

Siem Content Developer Jobs (NOW HIRING)

SOC Content Developer-Atlanta, GA

Atlanta, GA ยท On-site

$118K - $123K/yr

Splunk Content Developer-Atlanta, GA Required Education: Bachelor's Degree in Information ... Ability to interact with end users to gather requirements, optimize existing SIEM processes and ...

Senior SIEM Engineer

Washington, DC ยท On-site

$130K - $145K/yr

The Senior SIEM Engineer will serve as a technical lead for SIEM operations, log onboarding, detection content development, dashboarding, alert tuning, incident triage, continuous monitoring ...

Help build repeatable processes for log source onboarding and SIEM content management (runbooks ... Coordinate with cloud engineering, Security Architecture, and SecOps teams to plan and execute ...

Senior SIEM Engineer

$114K - $156K/yr

Eight or more years of cybersecurity engineering experience, with at least five years dedicated to SIEM architecture, administration, and content development. * Hands-on experience designing and ...

Senior SIEM Engineer

$117K - $160K/yr

Eight or more years of cybersecurity engineering experience, with at least five years dedicated to SIEM architecture, administration, and content development. * Hands-on experience designing and ...

next page

Showing results 1-20

Siem Content Developer information

See salary details

$29.5K

$116.6K

$129K

How much do siem content developer jobs pay per year?

As of Jul 12, 2026, the average yearly pay for siem content developer in the United States is $116,615.00, according to ZipRecruiter salary data. Most workers in this role earn between $123,000.00 and $128,000.00 per year, depending on experience, location, and employer.

What are some common daily responsibilities of a Siem Content Developer?

Siem Content Developers typically spend their days creating and refining detection rules, correlation searches, and security alerts within SIEM platforms to identify suspicious activities. They work closely with security analysts to understand emerging threats, tune existing content for accuracy, and research new attack techniques to ensure early detection. Regular responsibilities also include analyzing security logs, testing and documenting new rules, and collaborating with IT or incident response teams to translate business risk into technical controls. This collaborative and analytical environment helps foster ongoing professional development and deeper expertise in threat detection.

What are the key skills and qualifications needed to thrive in the Siem Content Developer position, and why are they important?

A successful Siem Content Developer possesses strong cybersecurity expertise, experience with SIEM platforms (such as Splunk, IBM QRadar, or ArcSight), and the ability to write detection rules and correlation logic. Familiarity with scripting languages, threat intelligence sources, and relevant certifications like CISSP or CompTIA Security+ are highly valuable. Excellent problem-solving, collaboration, and communication skills help developers work effectively with security teams and stakeholders. These competencies ensure the development of accurate, actionable detection content, keeping organizations protected from evolving cyber threats.

What is a SIEM Content Developer job?

A SIEM Content Developer is responsible for designing, creating, and optimizing security information and event management (SIEM) content such as correlation rules, dashboards, alerts, and reports. Their role involves analyzing security events, identifying threats, and enhancing detection capabilities. They work closely with security analysts and engineers to fine-tune SIEM configurations, improve threat detection, and reduce false positives. This role requires expertise in log analysis, threat intelligence, and scripting to customize SIEM solutions for an organization's security needs.

What cities are hiring for Siem Content Developer jobs? Cities with the most Siem Content Developer job openings:
What are the most commonly searched types of Siem Content Developer jobs? The most popular types of Siem Content Developer jobs are:
Infographic showing various Siem Content Developer job openings in the United States as of July 2026, with employment types broken down into 1% Internship, 72% Full Time, 24% Part Time, 1% Temporary, and 2% Contract. Highlights an 76% Physical, 3% Hybrid, and 21% Remote job distribution, with an average salary of $116,615 per year, or $56.1 per hour.
SOC Content Developer-Atlanta, GA

SOC Content Developer-Atlanta, GA

iSenpai, LLC

Atlanta, GA โ€ข On-site

$118K - $123K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 21 days ago


Job description

iSenpai is a Woman Owned Small Business (WOSB) that provides enterprise IT and cyber security services, cloud technology, and data analytics solutions for US Government and commercial customers. We specialize in cloud-based solutions with cyber security integrated into the design, delivered using efficient Agile DevSecOps. Engaging across industry and academia to develop innovative approaches, we support our customers' changing mission needs and data. Our iSenpai designs are industry proven to handle enormous data streams from open source, Internet of Things (IOT), cyber tools, and social media. We bring expertise with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and the Risk Management Framework (RMF) to maintain secure, scalable, and highly available systems to meet the mission. Our goal is to provide expert services to our clients while cultivating knowledge among all employees for the advancement of our services. We offer a comprehensive package of 100% employer paid benefits, including medical, dental, vision, HSA Contribution, 401K match, and more.
iSenpai offers an extremely competitive benefits package to include:
  • Extremely Competitive Salary
  • Health, Dental, Vision Insurance Premiums are 100% provided by iSenpai for employees and eligible dependents
  • Personal Accident Insurance provided by iSenpai
  • Life Insurance provided by iSenpai
  • Short and Long Term Disability Insurance provided by iSenpai
  • 401K Contribution Matching - 5% dollar for dollar
  • 401K Profit Sharing based on company performance
  • Paid time off (PTO) starting at 4 weeks a year (20 days)
  • PTO buy back program
  • 11 paid Federal Holidays
  • Reimbursement for any wellness programs and/or work life balance programs
  • Reimbursement for cell phone plans
  • Reimbursement for home internet
  • Reimbursement every 2 years for a cell phone upgrade
  • Thousands of discounts on everything from your cell phone bill, to NFL tickets, Movie Tickets, Live Performances, etc
  • Rewards for obtaining new IT certifications
  • Computer-based training (CBT) library on IT and information security topics and certifications
  • Remote access to a virtual lab for testing/learning opportunities
  • Flexible / Alternative Work Schedules (based on customer requirements)

iSenpai is an equal opportunity / affirmative action employer. We give equal consideration to all qualified candidates without regard to race, color, gender, nationality, disability or protected veteran status.
NOTE: To all recruitment and staffing agencies: iSenpai does not accept agency resumes or soliciting of your services. Please do not forward resumes to our jobs alias, iSenpai employees or any other company location. iSenpai is not responsible for any fees related to unsolicited resumes or staffing services. Do not attempt to solicit your services.
Splunk Content Developer-Atlanta, GA
Required Education: Bachelor's Degree in Information Technology or related field
Required Experience: 6 years Splunk Content Development experience
Work Location: Atlanta, GA
Clearance Required: Active Public Trust or DoD Security Clearance
Description:
Splunk Content Developer is responsible for developing, customizing, and configuring Splunk apps and dashboards. The candidate will build and integrate content in a Splunk Core and ES environment and provide technical support to NOC and SOC customers in order to detect, hunt, and mitigate cyber threats. Ability to interact with end users to gather requirements, optimize existing SIEM processes and leverage Splunk technology to improve detection and analysis methods. Reviews and recommends cyber security solutions to customer problems based on an understanding of products/systems test results. Provides Splunk support and guidance to NOC and SOC analysts, improve efficiency of NOC and SOC analysts, operates under deadlines, and is able to work on multiple tasks.
Responsibilities:
  • Support the day-to-day operation of a highly available distributed multi-clustered multi-tenant Splunk deployment
  • Create queries, dashboards, and visualizations to support customer requirements and monitoring of the Splunk deployment
  • Develop custom functions utilizing REST endpoints and integrating technologies with Splunk
  • Create and manage Splunk knowledge objects to include apps, dashboards, alerts, extractions, tags, workflow actions, and aliases
  • Develop content with regular expressions, performing data interpretation classification, and enrichment
  • Develop reports for operational activities and to meet NOC and SOC customer requirements
  • Facilitate excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
  • Provide resources and certified personnel necessary with extensive knowledge of Splunk

Required Qualifications:
  • Flexibility to meet any threat scenario 24/7/365 as mission dictates.
  • Must be a US Citizen with an active DoD Public Trust Clearance.

Desirable Qualifications:
  • Holds one or more Splunk certifications (Power User, Administrator, ES Developer, etc)
  • Experience or a desire to learn advanced SOC methodologies using Splunk ES
  • Experience or a desire to learn NOC technologies
  • Experience with Security Orchestration, Automation and Response (SOAR) tools and technologies (e.g. Splunk Phantom, Ansible, Python, etc.)