Cyber Detections Engineer Security Clearance

Position: Cyber Detections Engineer with Security Clearance
Cyber Detection Engineer Position Description
Subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to:

• Network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls

• Proxy

• Splunk Enterprise Security

• Manages and administers the tuning of rules, signatures, and custom content for specialized CND applications and systems

• Identifies potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts

• Manages inter-agency relationships with partner organizations to facilitate mission execution

• Innovates creative solutions to challenging problems

• Provides logical use case development

• Provides and tracks requirements to engineering partners

• Identifies gaps in visibility or coverage of cyber defense systems

• Prepare and brief management and partner organizations on current state/proposed solutions

• Prepare data analytics and reporting Required Experience/

Skills:

• Excellent interpersonal, organizational, writing, communications, and briefing skills

• Strong analytical and problem solving skills

• Demonstrated expertise utilizing SIEM tools for use case development and application

• Minimum of five years of progressively responsible experience in Cyber Security, Info Sec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management Familiarity with the following classes of enterprise cyber defense technologies:

• Incident Response analysis

• Splunk Enterprise Security

• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Security Orchestration Automation and Response (SOAR)

• Endpoint and Network Detection and Response (EDR/NDR)

• User Behavior Analytics (UBA)

• Network and Host malware detection and prevention

• Network and Host forensic applications

• Web/Email gateway security technologies Demonstrated experience in the following preferred:

• Splunk ES

• Python

• Mitre ATT&CK

• Jira

• Tanium

• Carbon Black

• McAfee ePO/NSM

• Palo Alto Networks Required

Certifications:

DOD 8570 IAT Level II or CSSP-IR Preferred Degree:
BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)