Cybersecurity Engineering - Penetration Testing & SIEM Integration

Penetration Tester SIEM Integration

Level Description: 8 or more years of experience, relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, may lead and direct the work of others, a wide degree of creativity and latitude isexpected.

Job Description: Researching, designing, implementing and managing software programs. Testing and evaluating new programs. Working closely with other developers, UX designers, business and systems analysts.

Position Summary: The Software Developer III will serve within the HHSC Chief Information Security Office (CISO) to design, develop, and support cybersecurity engineering solutions that enhance penetration testing capabilities, security automation, and Security Information and Event Management (SIEM) integrations. This role will focus on building secure APIs, automation scripts, and tool integrations that enable scalable security testing, continuous monitoring, and data-driven threat detection across HHSC environments. The position requires strong software development expertise combined with hands-on cybersecurity engineering skills, including Kali Linux server deployment, penetration testing toolchain support, SIEM data ingestion, and security automation scripting. This role directly supports HHSC's Zero Trust, continuous monitoring, and security operations modernization initiatives.

Primary Responsibilities

Security Engineering & Development:

• Design and develop secure software components, APIs, and microservices to support penetration testing workflows and security automation.
• Build custom integrations between penetration testing platforms, vulnerability scanning tools, and enterprise SIEM platforms.
• Develop data ingestion pipelines to normalize and forward security telemetry into Splunk and other SIEM platforms.
• Create automation scripts to orchestrate security testing, evidence collection, and reporting processes.
• Support integration of security testing results into governance, risk, and compliance (GRC) platforms.

Penetration Testing Enablement:

• Build and maintain Kali Linux-based penetration testing infrastructure, including virtualized and cloud-hosted environments.
• Configure and manage penetration testing toolchains, frameworks, and supporting services.
• Develop custom exploit scripts, test harnesses, and proof-of-concept code to validate security findings.
• Support red team and application penetration testing engagements through automation and tool development.

SIEM & Security Operations Integration:

• Develop APIs and connectors to integrate security tools with enterprise SIEM platforms.
• Implement log parsing, enrichment, and normalization logic to improve detection fidelity.
• Automate alert enrichment, correlation, and reporting workflows.
• Collaborate with CSOC teams to align development efforts with detection and monitoring requirements.

Scripting & Automation:

• Develop scripts using Python, PowerShell, Bash, or similar languages to automate security operations and testing processes.
• Implement CI/CD pipelines for security tooling and integration code.
• Maintain version control repositories and documentation for developed solutions.

Security & Compliance Alignment:

• Ensure developed solutions comply with HHSC security standards, DIR security control requirements, and NIST-based frameworks.
• Participate in architecture reviews, risk assessments, and technical design sessions.
• Produce technical documentation, configuration guides, and operational runbooks.

Required Qualifications – Software Developer III

Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience). 3–5 years of professional software development experience. Proficiency in one or more programming languages: Python, Java, JavaScript, or C#. Experience developing REST APIs and integrating enterprise platforms. Hands-on scripting experience (Python, Bash, PowerShell). Experience deploying and administering Linux systems. Familiarity with SIEM platforms (Splunk, Sentinel, or equivalent). Knowledge of cybersecurity fundamentals and secure coding practices.

Additional Qualifications – Software Developer III

5–8 years of professional software development experience. Advanced experience building security automation and platform integrations. Hands-on experience with penetration testing tools and Kali Linux environments. Experience developing security data pipelines and SIEM integrations. Experience with containerization and virtualization (Docker, VMware, cloud-hosted labs). Ability to design scalable and resilient security tool architectures. Experience working in regulated or government environments preferred.

Preferred Certifications

OSCP, CEH, or equivalent penetration testing certification. Splunk Certified Developer or SIEM integration experience. Security+, CISSP, or equivalent security certification. Linux administration certification.

Key Competencies

Secure software development API and systems integration Security automation and orchestration Penetration testing toolchain engineering SIEM and log pipeline development Linux server administration Technical documentation and collaboration

This role enables HHSC to:

• Scale penetration testing operations through automation
• Integrate security testing outputs into continuous monitoring
• Strengthen threat detection through enriched SIEM telemetry
• Reduce manual security operations effort
• Support Zero Trust and continuous compliance objectives

Terms of Service

Services are expected to start 03/23/2026 and are expected to complete by 08/31/2026. Total estimated hours per Candidate shall not exceed 1167 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.