Detection Engineer- Secret Cleared
Job Description
- p.p1 margin : 0.0px 0.0px 10.0px 0.0px; line-height : 24.0px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #2d2d2d;
- background-color : #ffffff p.p2 margin : 0.0px 0.0px 10.0px 0.0px; line-height : 24.0px; font : 16.0px Verdana; color : #ffffff;
- webkit-text-stroke : #2d2d2d p.p3 margin : 0.0px 0.0px 0.0px 0.0px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #000000;
min-height : 19.4px p.p4 margin : 0.0px 0.0px 0.0px 0.0px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #000000 p.
p5 margin : 0.0px 0.0px 0.0px 0.0px; line-height : 19.4px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #000000 p.
p6 margin : 0.0px 0.0px 0.0px 0.0px; font : 16.0px '.AppleSystemUIFont'; color : #ffffff; -webkit-text-stroke : #000000; min-height : 19.
1px p.p7 margin : 0.0px 0.0px 0.0px 0.0px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #313949 li.li4 margin : 0.
0px 0.0px 0.0px 0.0px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #000000 li.li5 margin : 0.0px 0.0px 0.
- 0px 0.0px; line-height : 19.4px; font : 16.0px Verdana; color : #ffffff; -webkit-text-stroke : #000000 span.s1 font-family : 'Verdana';
- font-weight : normal; font-style : normal; font-size : 16.00px; font-kerning : none span.s2 font-family : 'Verdana'; font-weight : normal;
- font-style : normal; font-size : 16.00px; font-kerning : none; background-color : #ffffff span.s3 font-family : 'Verdana';
font-weight : normal; font-style : normal; font-size : 16.00px; font-kerning : none; -webkit-text-stroke : 0px #313949 span.
- s4 font-family : 'Verdana'; font-weight : bold; font-style : normal; font-size : 16.00px; font-kerning : none span.s5 font-family : 'Verdana';
- font-weight : normal; font-style : normal; font-size : 16.00px; -webkit-text-stroke : 0px #000000 span.s6 font-family : 'Verdana';
- font-weight : bold; font-style : normal; font-size : 16.00px; font-kerning : none; background-color : #ffffff span.s7 font-family : 'Verdana';
font-weight : normal; font-style : normal; font-size : 16.00px; background-color : #ffffff; -webkit-text-stroke : 0px #000000 span.
s8 font-family : '.SFUI-Semibold'; font-weight : normal; font-style : normal; font-size : 16.00px; font-kerning : none ul.
ul1 list-style-type : disc ul.ul2 list-style-type : circle
We connect our employees with some of the best opportunities around.
Time and time again, our employees tell us that the most important thing we offer is respect. Federal Staffing Solutions puts people to work in all types of jobs.
When you work with us, you build a relationship with a team of employment professionals in your community who have, in turn, built personal relationships with the businesses that are hiring.
We are looking for a Threat Detection Engineer to work onsite in Ashburn, VA supporting our client.
The Threat Detection Engineer shall have the following qualifications :
- In-depth knowledge of Firewalls / Proxies / Intrusion Detection Systems / Domain Name Servers / DHCP / VPN and other network technologies and tools
- Experience updating, maintaining, and creating IDS variables within a complex enterprise network
- Expert in creating, modifying, tuning IDS signatures / SIEM Correlation Searches / yara rules and / or other detection signatures
- Familiarity with disk based forensic methodologies, Windows, and Linux forensic artifacts
- Experience with Endpoint Detection and Response (EDR) tools such as Carbon Black, Tanium, Crowdstrike, etc
- Able to create, modify, update, and maintain Python and Powershell scripts that enhance endpoint detection capabilities
- In-depth knowledge of attacker tactics, techniques, and procedures
- Author, test, and maintain automation scripts within SOAR platform
- The candidate must currently possess a Secret Clearance.
Additional Qualifications :
In addition to clearance requirement, all personnel must have a current or be able to favorably pass a 5 year background investigation (BI).
- BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience.
- Should have 5 years of experience serving as a digital media analyst or as a computer forensic analyst.
- Ability to work independently with minimal direction; self-starter / self-motivated
- Must have one of the following :
- CCFP Certified Cyber Forensics Professional
- CHFI Computer Hacking Forensic Investigator
- CISSP Certified Information Systems Security
- ECSA EC-Council Certified Security Analyst
- EnCE GCFA Forensic Analyst
- GCFE Forensic Examiner
- GCIH Incident Handler
- GISF Security Fundamentals
- GREM Reverse Engineering Malware
- GXPN Exploit Researcher and Advanced Penetration Tester
- LPT Licensed Penetration Tester
- OSCE (Certified Expert)
- OSCP (Certified Professional)
- OSEE (Exploitation Expert)
- OSWP (Wireless Professional)
- CIRC
- FIWE
- WFE-E-CI
- FTK-WFE-FTK
Preferred Qualifications :
- One of the following certifications :
- SANS Global Information Assurance Certification (GIAC)
- Certified Intrusion Analyst (GCIA) SANS
- Global Information Assurance Certification (GIAC)
- Certified Forensic Analyst (GCFA) SANS
- Global Information Assurance Certification (GIAC)
- Certified Network Forensic Analyst (GNFA)
- Certified Information System Security Professional (CISSP)
Essential Requirements :
- US Citizenship is required.
- Active secret clearance.
Job Duties :
- Identify gaps in malicious activity detection capabilities
- Create new signatures / rules to improve detection of malicious activity
- Test and tune existing signatures / rules to ensure low rate of false positives
- Assist in playbook development for alert triage and Incident Response
- Define and implement alert and threat detection metrics, statistics, and analytics
- Recommend new tools / technologies to improve network visibility
- Support Incident Response and Forensic operations as required to include static / dynamic malware analysis and reverse engineering
- Author and maintain scripts for threat detection and automation
Equal Opportunity Employer
Requirements
The Threat Detection Engineer shall have the following qualifications : In-depth knowledge of Firewalls / Proxies / Intrusion Detection Systems / Domain Name Servers / DHCP / VPN and other network technologies and tools Experience updating, maintaining, and creating IDS variables within a complex enterprise network Expert in creating, modifying, tuning IDS signatures / SIEM Correlation Searches / yara rules and / or other detection signatures Familiarity with disk based forensic methodologies, Windows, and Linux forensic artifacts Experience with Endpoint Detection and Response (EDR) tools such as Carbon Black, Tanium, Crowdstrike, etc Able to create, modify, update, and maintain Python and Powershell scripts that enhance endpoint detection capabilities In-depth knowledge of attacker tactics, techniques, and procedures Author, test, and maintain automation scripts within SOAR platform The candidate must currently possess a Secret Clearance.
Additional Qualifications : In addition to clearance requirement, all personnel must have a current or be able to favorably pass a 5 year background investigation (BI).
BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience.
Should have 5 years of experience serving as a digital media analyst or as a computer forensic analyst. Ability to work independently with minimal direction;
self-starter / self-motivated Must have one of the following : CCFP Certified Cyber Forensics Professional CHFI Computer Hacking Forensic Investigator CISSP Certified Information Systems Security ECSA EC-Council Certified Security Analyst EnCE GCFA Forensic Analyst GCFE Forensic Examiner GCIH Incident Handler GISF Security Fundamentals GREM Reverse Engineering Malware GXPN Exploit Researcher and Advanced Penetration Tester LPT Licensed Penetration Tester OSCE (Certified Expert) OSCP (Certified Professional) OSEE (Exploitation Expert) OSWP (Wireless Professional) CIRC FIWE WFE-E-CI FTK-WFE-FTK Preferred Qualifications : One of the following certifications : SANS Global Information Assurance Certification (GIAC) Certified Intrusion Analyst (GCIA) SANS Global Information Assurance Certification (GIAC) Certified Forensic Analyst (GCFA) SANS Global Information Assurance Certification (GIAC) Certified Network Forensic Analyst (GNFA) Certified Information System Security Professional (CISSP) Essential Requirements : US Citizenship is required. Active secret clearance.