Correlation Engineer with Security Clearance
Not Disclosed•Full-TimeOn-site
location_on904, McDaniel Court, Herndon, Fairfax County, Virginia, 20170, United States
About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. We operate at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. Our employees serve as valued partners to essential government agencies and support every branch of the U.S. armed forces, solving the most daunting challenges our customers face every day.
About the Role
We are seeking a highly skilled and innovative Correlation Engineer to join our team in the greater DMV area, specifically supporting the Army National Guard. In this role, you will be the architect behind the security narratives that protect our critical infrastructure. Your work will bridge the gap between raw telemetry and actionable intelligence, transforming complex data streams into clear stories of threat activity.
You will partner with SOC analysts, threat hunters, and data engineers to refine the logic that detects multi-stage campaigns, lateral movement, and stealthy insider behaviors. Your day-to-day involves designing and tuning correlation rules for enterprise SIEM platforms, ensuring that detection coverage is balanced against analyst workload. You will lead post-incident analysis to derive new detection use cases and drive continuous improvement through measurable metrics like precision, recall, and mean time to detect (MTTD). Beyond technical development, you will mentor SOC staff on investigative workflows and collaborate across teams to ensure data quality and scalable analytics.
Hiring Process
The application period for this role is estimated to be 30 days from the posting date, though this timeline may be adjusted based on business needs and candidate availability. By applying, you express interest in the role and the Company. During the review process, selected candidates may be required to participate in an on-camera interview and a process to verify their identity.
Equal Opportunity
Peraton is an equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Work location
Work model: On-site
904, McDaniel Court, Herndon, Fairfax County, Virginia, 20170, United States
Similar Job Opportunities
Skills, education and keywords
Skills: Cybersecurity Analytics, Detection Engineering, Soc Content Development, Correlation Rule Development, Enterprise Siems, Log Formats, Telemetry Sources, Normalization, Mapping, Analytic Pipelines.
Education: Master's degree in specified fields OR equivalent DoD training or certification; PhD in specified fields OR equivalent DoD training or certification.
Frequently asked questions about Correlation Engineer with Security Clearance at Peraton
What does a Correlation Engineer with Security Clearance at Peraton do?expand_more
In this Correlation Engineer with Security Clearance at Peraton role, you will design, develop, and refine correlation logic and detection content for siem and analytics platforms; test, tune, and validate correlation rules to balance detection coverage against analyst workload; collaborate with soc analysts and data engineers to improve data quality and telemetry enrichment; and implement automated enrichment, suppression, and tuning strategies to reduce false positives.
What are the requirements for this Correlation Engineer with Security Clearance role?expand_more
Peraton is looking for candidates who meet the following requirements: Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD; Active TS/SCI clearance; Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or related field; OR Relevant DoD/military training; OR Relevant professional certification (CISSP-ISSAP, CISSP-ISSEP, GCIA, GICSP); At least 3 years focused on correlation rule development for enterprise SIEMs; Deep understanding of log formats, telemetry sources, normalization/mapping, and analytic pipelines; and Proven ability to author complex correlation logic, detection rules, and analytic queries (KQL, SPL, Sigma, or vendor-specific languages).