Correlation Engineer
Peraton · Herndon, Virginia, US
Job description
Responsibilities
We are seeking a highly skilled and innovative Correlation Engineer to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities:
- Design, develop, and refine correlation logic and detection content for SIEM and analytics platforms to link events, logs, and telemetry into actionable security narratives.
- Analyze threat trends, historical incidents, and attack patterns to create correlation scenarios that reveal multi‑stage campaigns, lateral movement, insider activity, and stealthy behaviors.
- Test, tune, and validate correlation rules to balance detection coverage against analyst workload; document rule behavior, performance characteristics, and operational runbooks.
- Collaborate with SOC analysts, threat hunters, data engineers, and tool owners to improve data quality, field mappings, normalization, and telemetry enrichment for robust correlation.
- Implement automated enrichment, suppression, and tuning strategies to reduce false positives and optimize alert fidelity.
- Maintain correlation content lifecycle: version control, peer review, QA testing, deployment, and rollback procedures.
- Develop metrics and dashboards to me...