Cybersecurity Detection Engineer

Posted 3 months ago

Washington, United States | The Tatitlek Corporation | Full time

Overview

The detection engineer blends technical skills, threat research experience, and knowledge of adversary techniques, working with new and existing data sources to create high-fidelity, actionable alerts that the ITSO SOC can use to quickly and effectively identify, analyze, and eradicate cybersecurity threats.

This individual will be familiar with adversary Tactics, Techniques, and Procedures (TTPs), and will identify opportunities to improve the effectiveness of existing detection efforts. They will be responsible for developing methodologies to maintain and maximize the integrity and effectiveness of existing alerting through the creation, periodic review, testing, and validation of custom detection content.

Additionally, they will leverage cybersecurity threat intelligence and collaborate with the SOC's incident response teams to meet operational needs and defend against real-world threats.

The minimum qualifications are as follows:

1. A minimum of three years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel.
2. Experience with the processes to add/update/delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
3. Proficient in detection engineering methodologies including SNORT and YARA rules.
4. Proficient in Python programming, Bash, and PowerShell.
5. Proficient in Splunk's Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM).
6. Knowledgeable and experienced in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
7. Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers and Endpoint Detection and Response (EDR).
8. Knowledge of the Windows Sysinternals Suite (including Sysmon) and Unix auditd, and how to tune their configuration files to identify malicious activity.
9. At least one of the following certifications: the Splunk Enterprise Security Certified Admin credential, or a passing score on the AZ-500 Microsoft Azure Security Technologies exam.

ADDITIONAL QUALIFYING FACTORS:

A satisfactory background screening, negative drug test, positive references and proof of identity and legal authorization to work in the United States and for TTO are required.

The Tatitlek Corporation gives hiring, promotion, training and retention preference to Tatitlek shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.

As an equal opportunity employer, The Tatitlek Corporation recognizes that our strength lies in our people. Discrimination and all unlawful harassment, including sexual harassment, in employment are not tolerated. We encourage success based on individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment.

Salary

$165k/annually
