IT Cybersecurity Specialist

Serves as the Cybersecurity Lead for the U.S. Tax Court, acting as the technical authority for cybersecurity engineering, threat detection, and information security operations across on-premises and cloud environments. Leads the design, implementation, and continuous improvement of security monitoring and detection capabilities. Develops, maintains, and executes log analysis and correlation strategies using Security Information and Event Management (SIEM) tools, including the creation, tuning, and automation of Splunk searches, alerts, dashboards, and scripted queries to identify indicators of compromise, anomalous behavior, and policy violations. Leads phishing detection and response activities. Designs and manages technical and procedural controls to prevent, detect, analyze, and respond to phishing and socially engineered attacks. Performs forensic analysis of suspicious emails, headers, URLs, and attachments; coordinates containment and remediation actions; and collaborates with IT