Cybersecurity Detection Engineer
3 months ago
The detection engineer blends technical skills, threat research experience, and knowledge of adversary techniques to work with new and existing data sources to create high-fidelity, actionable alerts that the ITSO SOC can use to quickly and effectively identify, analyze, and eradicate cybersecurity threats.
This individual will be familiar with adversary Tactics, Techniques, and Procedures (TTPs), and will identify opportunities to improve the effectiveness of existing detection efforts. They will be responsible for developing methodologies to maintain and maximize the integrity and effectiveness of existing alerting through the creation, periodic review, testing, and validation of custom detection content.
Additionally, they will leverage cybersecurity threat intelligence and collaborate with the SOC's incident response teams to meet operational needs and defend against real-world threats.
The minimum qualifications are as follows:
1. A minimum of three years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel.
2. Experience with the processes to add/update/delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
3. Proficient in detection engineering methodologies including SNORT and YARA rules.
4. Proficient in Python programming, Bash, and PowerShell.
5. Proficient in Splunk's Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM).
6. Knowledgeable and experienced in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
7. Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers and Endpoint Detection and Response (EDR).
8. Knowledge of the Windows Sysinternals Suite (including Sysmon), Unix auditd, and how to tune configuration files for identification of malicious activity.
9. At least one of the following certifications: the Splunk Enterprise Security Certified Admin credential, or having passed the AZ-500 Microsoft Azure Security Technologies exam.
ADDITIONAL QUALIFYING FACTORS:
A satisfactory background screening, negative drug test, positive references and proof of identity and legal authorization to work in the United States and for TTO are required.
The Tatitlek Corporation gives hiring, promotion, training and retention preference to Tatitlek shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.
As an equal opportunity employer, The Tatitlek Corporation recognizes that our strength lies in our people. Discrimination and all unlawful harassment, including sexual harassment, in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected Veteran's status or employment.
Salary
$165k/annually