Cybersecurity Detection Engineer

4 months ago


Washington, United States The Tatitlek Corporation Full time
Overview

The detection engineer blends technical skills, threat research experience, and knowledge of adversary techniques to work with new and existing data sources to create high-fidelity, actionable alerts the ITSO SOC can use to quickly and effectively identify, analyze, and eradicate cybersecurity threats.

This individual will be familiar with adversary Tactics, Techniques, and Procedures (TTPs), and will identify opportunities to improve the effectiveness of existing detection efforts. They will be responsible for developing methodologies to maintain and maximize the integrity and effectiveness of existing alerting through the creation, periodic review, testing, and validation of custom detection content.

Additionally, they will leverage cybersecurity threat intelligence and collaborate with the SOC's incident response teams to meet operational needs and defend against real-world threats.

The minimum qualifications are as follows:

1. A minimum of three years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel.
2. Experience with the processes to add/update/delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
3. Proficient in detection engineering methodologies including SNORT and YARA rules.
4. Proficient in Python programming, Bash, and PowerShell.
5. Proficient in Splunk's Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM).
6. Knowledgeable and experienced in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
7. Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers and Endpoint Detection and Response (EDR).
8. Knowledge of the Windows Sysinternals Suite (including Sysmon), Unix auditd, and how to tune configuration files for identification of malicious activity.
9. At least one of the following certifications: Splunk Enterprise Security Certified Admin credential or have passed the AZ-500 Microsoft Azure Security Technologies exam.

ADDITIONAL QUALIFYING FACTORS:

A satisfactory background screening, negative drug test, positive references and proof of identity and legal authorization to work in the United States and for TTO are required.

The Tatitlek Corporation gives hiring, promotion, training and retention preference to Tatitlek shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.

As an equal opportunity employer, The Tatitlek Corporation recognizes that our strength lies in our people. Discrimination and all unlawful harassment, including sexual harassment, in employment are not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected Veteran's status or employment.

Salary

$165k/annually
