Cybersecurity Threat Detection Developer

2 months ago


Pasco, United States Top Secret Clearance Jobs Full time

About the job Cybersecurity Threat Detection Developer
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.

Cybersecurity Threat Detection Developer

On site in Washington DC

Location: Washington DC (On site - no remote)

Clearance: Top Secret (SCI eligible)

Seeking a highly motivated Cyber Threat Detection Developer (also referred to as a Cyber Security Content Developer) for User Activity Monitoring (UAM) to join our team supporting our government clients. This role requires a content developer to support onsite insider threat services, providing immediate investigation and resolution. Any qualified Cyber Threat Detection Developer must have an active Top Secret clearance with SCI eligibility.

This role is an opportunity to apply and grow your development skillset with a motivated and rapidly growing company, working with a wide range of technology-forward clients.

Job Responsibilities:

  • Self-directed team member who develops, implements, maintains, and supports SIEM dashboards, reports, alerts, and knowledge objects
  • Create baselines, queries, dashboards, and visualizations that meet customer requirements and are shared with the SecOps and operational teams to identify trends
  • Manage and administer the tuning of rules, triggers, policies, signatures, and custom content for specialized computer network defense (CND) applications and systems
  • Apply knowledge of regular expressions to create field extractions, and apply working knowledge of PowerShell or other scripting language(s)
  • Apply knowledge of the latest cyber threats and attack vectors to develop and/or maintain custom correlation rules across all indexed sources to support continuous event monitoring and alerting
  • Participate in discussions and make recommendations on improving SOC cyber visibility, process improvements, and reducing the incident remediation period
  • Review all existing network event collections to determine whether relevant data is present and make technical recommendations to develop or enhance alerting actions
  • Enhance the customer's ability to accomplish mission initiatives by delivering forward-thinking solutions that go beyond the stated requirements
  • Author reports and/or interface with customers for ad-hoc requests
  • Provide expert guidance and mentorship to junior analysts
Required Qualifications:
  • US citizen. Must have an active Top Secret clearance (SCI eligible)
  • Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience
  • Five years of experience developing, implementing, and managing SIEM correlation rules and content (e.g. Splunk, ArcSight, Kibana, LogRhythm)
  • Experience writing audit log parsers for SIEM data formats such as ArcSight's CEF, and field extractions in Splunk's SPL
  • Advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, and extensive experience providing analysis and trending of security log data from security devices
  • Demonstrated ability to tune SIEM event correlation rules and logic to filter out security events associated with known and well-established network behavior, known false positives, and/or known errors
  • Experience developing advanced correlation rules using statistical aggregations and data models for cyber threat detection
  • Experience with network monitoring tools such as proxies, load balancers, IDS/IPS, and packet capture tools
  • Experience in a scripting language (e.g. Bash, PowerShell) and automating SOC processes/workflows
  • Experience implementing security methodologies and SOC processes
  • Ability to work effectively both independently and as a team member
  • Work experience in a Security Operations Center (SOC) or on an industry red team
  • Excellent problem-solving, critical thinking, and analytical skills, with the ability to deconstruct problems
  • Work experience with the Intelligence Community
  • Strong written and verbal communication skills; capable of understanding, documenting, communicating, and presenting technical issues in non-technical terms to audiences with varying degrees of technical expertise
Preferred qualifications:
  • Active SCI access highly preferred
  • Splunk Enterprise Security Admin or Splunk Certified Developer certification
  • Extensive experience with User Activity Monitoring (UAM), User and Entity Behavior Analytics (UEBA), and DLP tools
  • Expertise in developing insider threat trigger policies
  • Ability to investigate and analyze events of interest within the SIEM, document workflows, and identify process improvements in the handling and remediation of cybersecurity events
  • DoD 8140.03 (Cyberspace Workforce Qualification and Management Program) requirements, where applicable
  • Ability to identify and remediate visibility gaps in cyber defense systems
  • Experience installing and administering COTS applications on Red Hat Enterprise Linux (RHEL) and/or Windows
  • Hands-on experience with one of the enterprise cybersecurity toolsets: HBSS/ESS, Trellix, and ePolicy Orchestrator
  • Hands-on experience running Tenable or other vulnerability tracking/scanning systems
  • Other highly desired certifications: CEH, CySA+, GICSP, SSCP, CND
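Three of the skills listed above (writing a CEF audit log parser, regex field extractions, and a correlation rule that is tuned to suppress known false positives) in working form. This is an added example in plain Python, not code from the posting, from Splunk or from ArcSight. The log lines are constructed; the vendor/product names, signature IDs 100 and 101, the user and IP values, and the KNOWN_NOISE tuning list are assumptions made for illustration.

```python
"""Parse ArcSight CEF audit events and run a tuned correlation rule over them.

Added example with constructed data. Field names (rt, suser, src, dhost, msg)
follow CEF conventions; the signature IDs 100/101, the vendor/product names and
the KNOWN_NOISE tuning list are assumptions for illustration only.
"""
import re
from collections import defaultdict

HEADER_KEYS = ("cef_version", "vendor", "product", "version",
               "signature_id", "name", "severity")
# Extension is key=value pairs; values may contain spaces and the escapes \= \\ \n \r
_EXT_RE = re.compile(r"(\w+)=((?:\\.|[^\\=])*?)(?=\s+\w+=|\s*$)")
_UNESCAPE = {"\\=": "=", "\\|": "|", "\\\\": "\\", "\\n": "\n", "\\r": "\r"}


def _unescape(value):
    return re.sub(r"\\[=|\\nr]", lambda m: _UNESCAPE[m.group(0)], value)


def _split_header(line):
    """Return the seven pipe-delimited header fields and the raw extension.
    The header escapes '|' and '\\' with a backslash, so it is walked by hand."""
    fields, cur, i = [], [], 0
    while i < len(line) and len(fields) < 7:
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):   # escaped char: keep it literally
            cur.append(line[i + 1])
            i += 2
            continue
        if ch == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) < 7:
        raise ValueError("malformed CEF header: %r" % line)
    return fields, line[i:]


def parse_cef(line):
    """Turn one CEF line into a flat dict (header fields plus extension keys)."""
    fields, ext = _split_header(line.rstrip("\r\n"))
    event = dict(zip(HEADER_KEYS, fields))
    event["cef_version"] = event["cef_version"].split(":", 1)[1]   # "CEF:0" -> "0"
    for key, val in _EXT_RE.findall(ext):
        event[key] = _unescape(val)
    if "rt" in event:
        event["rt"] = int(event["rt"])        # receipt time as epoch milliseconds
    return event


# Tuning list for known false positives (assumed for this example). Kept as data,
# not hard-coded in the rule, so the suppressions can be reviewed and audited.
KNOWN_NOISE = [
    {"field": "src", "value": "10.9.9.9", "reason": "authenticated vulnerability scanner"},
    {"field": "suser", "value": "svc_monitor", "reason": "monitoring account, stale cached credential"},
]


def noise_reason(event, noise=KNOWN_NOISE):
    for rule in noise:
        if event.get(rule["field"]) == rule["value"]:
            return rule["reason"]
    return None


def detect_guessing_then_success(events, threshold=5, window_ms=300_000, noise=KNOWN_NOISE):
    """Correlation rule: >= threshold failed logons (sig 100) for one (user, src) pair
    within window_ms, followed by a successful logon (sig 101) for the same pair.
    Suppressed events are returned as well so the effect of tuning stays visible."""
    failures = defaultdict(list)          # (suser, src) -> failure timestamps
    alerts, suppressed = [], []
    for ev in sorted(events, key=lambda e: e["rt"]):
        key = (ev.get("suser"), ev.get("src"))
        reason = noise_reason(ev, noise)
        if reason:
            suppressed.append({"suser": key[0], "src": key[1], "reason": reason})
            continue
        if ev["signature_id"] == "100":
            failures[key].append(ev["rt"])
        elif ev["signature_id"] == "101":
            recent = [t for t in failures[key] if ev["rt"] - t <= window_ms]
            if len(recent) >= threshold:
                alerts.append({"suser": key[0], "src": key[1], "failures": len(recent),
                               "first_failure": min(recent), "success_at": ev["rt"]})
            failures[key].clear()         # a success ends the burst for that pair
    return alerts, suppressed


# ---- constructed sample log lines (not real data) ---------------------------
T0 = 1709542800000   # 2024-03-04T09:00:00Z as epoch milliseconds


def _line(sig, name, sev, rt, user, src, extra=""):
    return (f"CEF:0|Acme|AuthGateway|2.1|{sig}|{name}|{sev}|"
            f"rt={rt} suser={user} src={src} dhost=fileshare01{extra}")


SAMPLE_LINES = (
    # jdoe: 5 failures in 5 s, then success a minute later -> should alert
    [_line(100, "Auth \\| failed", 5, T0 + 1000 * k, "jdoe", "10.1.2.3",
           " msg=Reason\\=bad_password") for k in range(5)]
    + [_line(101, "Auth succeeded", 2, T0 + 60_000, "jdoe", "10.1.2.3")]
    # alice: two typos then success -> below threshold
    + [_line(100, "Auth \\| failed", 5, T0 + 10_000 + 1000 * k, "alice", "10.1.2.50") for k in range(2)]
    + [_line(101, "Auth succeeded", 2, T0 + 20_000, "alice", "10.1.2.50")]
    # bob: 6 failures spread over 10 min, success at 11 min -> only 3 inside the window
    + [_line(100, "Auth \\| failed", 5, T0 + 120_000 * k, "bob", "10.1.2.77") for k in range(6)]
    + [_line(101, "Auth succeeded", 2, T0 + 660_000, "bob", "10.1.2.77")]
    # scanner: 8 rapid failures -> suppressed by the tuning list
    + [_line(100, "Auth \\| failed", 5, T0 + 500 * k, "svc_scan", "10.9.9.9") for k in range(8)]
)


def run(lines=SAMPLE_LINES):
    return detect_guessing_then_success([parse_cef(l) for l in lines])


if __name__ == "__main__":
    alerts, suppressed = run()
    for a in alerts:
        print("ALERT password-guessing success:", a)
    print(f"{len(suppressed)} events suppressed by tuning list")
```

Two design points map directly onto the qualifications above. The time window is evaluated relative to the success event, so a slow trickle of failures (bob) does not fire even though the raw count exceeds the threshold; that is the kind of baseline-aware logic that separates a correlation rule from a plain count. And the tuning list is returned alongside the alerts rather than silently discarding events, so whoever owns the rule can audit what the known-false-positive suppressions are hiding and retire entries that no longer apply.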

