Threat Detection Engineer SME
2 weeks ago
Gray Tier Technologies is seeking a Threat Detection Engineer for a new customer on a highly-visible and strategic Cybersecurity Task Order. The Threat Detection Engineer will:
- Capture use cases from subscribers or other team members and develop correlation rules
- Utilize knowledge of latest threats and attack vectors to develop Splunk correlation rules for continuous monitoring
- Develop, manage, and maintain Splunk data models
- Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
- Develop custom regex to create custom knowledge objects
- Develop custom SPL using macros, lookups, etc., and network security signatures such as SNORT and YARA
- Develop custom dashboards and reports for customer stakeholders
- Train and mentor junior staff
- Bachelor's Degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS at least eight (8) years of experience in incident detection and response, malware analysis, or cyber forensics
- Extensive experience working with various security methodologies and processes
- Advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices
- Expert knowledge in two or more of the following areas related to cybersecurity:
Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Web-filtering, Advanced Threat Protection
- Experience developing advanced correlation rules utilizing Stats and data models for cyber threat detection
- Experienced with creating and maintaining Splunk knowledge objects
- Experienced managing and maintaining Splunk data models
- Experience creating regex for pattern matching
- Experience implementing security methodologies and SOC processes
- Top Secret clearance
- Experience with cloud (e.g., O365, Azure, AWS, etc.) security monitoring and familiarity with the cloud threat landscape
- Completed Splunk Advanced Searching and Reporting training
- Experience developing custom scripts using Python
- Splunk certifications
-
Lead Threat Intelligence
1 day ago
Arlington, United States Rapid7 Full time
Lead Threat Intelligence & Detection Engineer, Threat Intelligence & Detection Engineering. About the Team: Rapid7’s Threat Intelligence & Detection Engineering (TIDE) team is built from the ground up to provide our customers with high-fidelity threat detections and alerting that limit threat actor dwell time and impact across our customers' ecosystems. Our...
-
Senior Detection Operations Engineer
4 days ago
Arlington, Virginia, United States Rapid7 Full time
Senior Detection Operations Engineer, Threat Intelligence & Detection Engineering. Do you enjoy information security research and threat intelligence? Do you have experience tracking nation state and cyber criminal threat actors? Would you like the opportunity to research and report on the latest threats and techniques used by attackers? Rapid7 Managed...
-
Senior Detection Operations Engineer
3 days ago
Arlington, United States Rapid7 Full time
Senior Detection Operations Engineer, Threat Intelligence & Detection Engineering. Do you enjoy information security research and threat intelligence? Do you have experience tracking nation state and cyber criminal threat actors? Would you like the opportunity to research and report on the latest threats and techniques used by attackers? Rapid7 Managed...
-
Lead Threat Intelligence
1 day ago
Arlington, Virginia, United States Rapid7 Full time
Lead Threat Intelligence & Detection Engineer, Threat Intelligence & Detection Engineering. About the Team: Rapid7's Threat Intelligence & Detection Engineering (TIDE) team is built from the ground up to provide our customers with high-fidelity threat detections and alerting that limit threat actor dwell time and impact across our customers' ecosystems. Our TIDE...
-
Sr. Cyber Security Subject Matter Expert
1 month ago
Arlington, United States BCMC Full time
Job Description: BCMC is supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment including introducing new cyber capabilities to address emerging threats. We are seeking a Sr. Cyber Security Subject Matter Expert (SME) who can...
-
Detection and Response Analyst
4 days ago
Arlington, Virginia, United States Rapid7 Full time
Detection & Response Analyst. We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As a Detection & Response Analyst, you will utilize Rapid7's advanced tools to investigate and triage security events and work side-by-side Rapid7's Incident Response Consultants to investigate incidents ranging...
-
Cyber Threat Tech
1 month ago
Arlington, United States Latitude, Inc. Full time
Job Description: We are seeking a Cyber Threat Technician to join our team of cybersecurity professionals. The ideal candidate will have experience in threat detection and response and a CompTIA Security+ certification. The Cyber Threat Technician will work closely with other members of the cybersecurity team to detect, analyze, and respond to...
-
Cyber Threat Analyst
2 weeks ago
Arlington, United States Node.Digital Full time
Node.Digital: Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine Learning. Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and...
-
ICS Cyber Threat Intelligence Analyst
3 days ago
Arlington, United States STEMBoard Full time
Job Description: Currently hiring an Industrial Control System Cyber Threat Intelligence Analyst for its Federal Strategic Cyber program in Arlington, VA. In this role, you will: Integrate multiple intelligence sources to develop products, recommendations, and inform priorities for the organization. Perform research and investigates current...
-
Arlington, United States Peraton Full time
About Peraton: Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our...
-
Software Engineer SME
1 month ago
Arlington, United States American Systems Corporation Full time
Are you an experienced Software Engineer, SME with expertise in software code and algorithm analysis, and Automated Information and Machine Learning (AI / ML) concepts and techniques? Do you have experience in organizing, planning, directing, and managing a team of Software Engineers performing code analysis? If so, then we have a great opportunity for you...
-
Zero Trust Applications and Workload SME
3 days ago
Arlington, United States Zermount, Inc Full time
Job Description: ZERO TRUST APPLICATIONS AND WORKLOADS SME. MILITARY FRIENDLY & PREFERRED - HOH SPONSOR. Zermount Inc. is seeking a Zero Trust (ZT) Applications and Workloads SME to assist in providing security to one of our federal clients. The ZT Applications and Workloads SME will be part of the implementation of ZT principles across the pillars...
-
Cyber Threat Analyst
2 months ago
Arlington, United States Node.Digital Full time
Job Description: Cyber Threat Analyst. Location: Arlington, VA. Must have Top Secret Clearance. Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel...
-
Cyber Threat Analyst
2 weeks ago
Arlington, United States Node.Digital Full time
Cyber Threat Analyst. Location: Arlington, VA. Must have Top Secret Clearance. Node is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to...
-
Integration SME
1 week ago
Arlington, United States ECS Limited Full time
ECS is seeking an Integration SME / Developer to work in our Arlington, VA office (hybrid). Please Note: This position is contingent upon contract award. Job Description: ECS is seeking talented professionals who love a challenge to join us in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the...
-
Force Operations SME
5 days ago
Arlington, United States Ventus Solutions Full time
Description: Ventus Executive Solutions (VES) is seeking an experienced and technically proficient Force Operations SME to join an exciting team with the Office of the Undersecretary of Defense for Research and Engineering (OUSD(R&E)). This opportunity is ideal for an experienced, self-starting, detail-oriented, and technically proficient individual to...
-
Force Operations SME
3 days ago
Arlington, United States Ventus Solutions Full time
Description: Ventus Executive Solutions (VES) is seeking an experienced and technically proficient Force Operations SME to join an exciting team with the Office of the Undersecretary of Defense for Research and Engineering (OUSD(R&E)). This opportunity is ideal for an experienced, self-starting, detail-oriented, and technically proficient individual to...
-
Data Analyst Sme
1 month ago
Arlington, United States Galapagos Federal Systems, LLC Full time
**Job Title**: Data Analyst SME -4155 **Job Location**: Arlington, VA 22202 **Job Summary** Galapagos Federal Systems LLC is looking for an enthusiastic, well-qualified individual to fill the Data Analyst Subject Matter Expert (SME) position and to join our team of qualified, diverse individuals. The Data Analyst SME needs extensive experience in utilizing...
-
Senior Splunk Engineer
1 week ago
Arlington, United States Motion Recruitment Full time
Senior Splunk Engineer. The company is looking for creative individuals interested in helping grow something truly unique in their markets. While the ideal candidate is great at independently getting their work done, at the same time they are a team player who readily and proactively contributes to team activities to both the team and client’s consistent...