Job Duties:
- Conduct software and systems engineering to develop new capabilities, ensuring cybersecurity is fully integrated across the enterprise.
- Conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
- Install, configure, troubleshoot, and maintain hardware and software, and administer system accounts.
- Research and analyze the latest information security vulnerabilities, threats, exploits, trends, and intelligence.
Required Skills:
- U.S. Citizen
- Active TS/SCI clearance
- At least three years of government IT experience.
- A high degree of skill with the MS Office toolset.
- Refined critical thinking skills; a self-starter who may direct the activities of other team members; diplomatic, able to multi-task, adaptive to a dynamic environment, dependable, and reliable.
- Prior experience in a government consulting services environment is required.
- Proficient with Splunk Processing Language (SPL), ELK Lucene Query Syntax, or another search/analytics tool.
- Proficiency with programming/scripting fundamentals is required, including regex, C++, Python, Unix shell scripting, and Windows PowerShell; Linux/Red Hat (RHEL 7).
- More than three (3) years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis, and response.
- Understanding of SIEM search languages and Lucene Query Syntax.
- Understanding of SIEM dashboards, reports, lookup tables, and summary indexes.
- Knowledge of how to customize dashboards via the XML source.
- Experience with SIEM apps and ELK.
- Experience with Python scripting; programming experience in Python, C/C++, Java, or Go.
- Demonstrated expertise with malware analysis, including investigations of botnet and root-kit behavior.
- Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, cryptography) and network security devices (IDS/IPS, NGFW, WAF, NGAV). Experience with OSSEC, Snort, and Suricata.
- Experience with at least one SIEM (e.g., AlienVault, LogRhythm, Splunk, QRadar, ELK) and with firewalls such as Fortinet, SonicWall, and Palo Alto; scanning technologies and log collection and analysis tools (SIEM).
- Experience with scripting/programming languages (Bash, Python, Java, etc.). Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., open source projects).
- GCFA and C, or GCFA and Python; all IAT Level III requirements met.