Job Description:

Please send resume to

We need a Threat Detection Engineer with cybersecurity experience for a 6+ month contract role for a client in Long Beach, CA.


The Threat Detection Engineer works as a member of the Cyber Operations Team. The primary focus for this role is to operate & maintain robust analytics/detection infrastructure to support the team’s threat monitoring capabilities and triage efforts across a suite of security monitoring tools. The candidate will be a subject matter expert on the design, implementation, deployment and maintenance of scalable security monitoring systems and processes, with an emphasis on creating a high signal-to-noise ratio for alerts.


Essential Duties and Responsibilities

The successful candidate will possess deep tactical knowledge and will work as part of a team enhancing detection capabilities on the client's current platform. The primary function of the role will be to find new methods of detecting malicious anomalies in the environment from data collected by our solutions. The output of this may be in the form of rules, analytics, and/or product enhancements. The ideal candidate will be an articulate, passionate, and experienced incident responder who loves both to learn and to pass that learning on to others. We are looking for you to have 5+ years in the information security incident detection/response field, including:

- Design and engineering of large, performant, distributed cybersecurity systems
- Aggregation, normalization and enrichment of various event feeds and sensor data
- Development and testing of new heuristic/correlation detection rules
- Development of new search filters and dashboards
- Event detection and response tuning
- Data warehouse tuning and optimization
- Integration of diverse cyber threat intelligence sources


In addition, the candidate should possess a strong intuition for curating and integrating useful “observables” from network/host sensors for the development of detection rules and incident analysis. The candidate will be expected to balance economy with completeness when integrating data sources into the SIEM. The ability to articulate the utility of a data source for incident analysis and response of any given threat scenario is highly valued.

Although not the primary responsibility, the candidate is expected to have prior experience with security incident analysis, investigation and remediation at a tier 2 level or higher. In order to drive effective improvement of threat detection systems and processes for the Cyber Operations Team, the candidate should also possess at least one of the following complementary skillsets:

- Network/system forensics and intrusion analysis
- Incident timeline construction and root cause analysis
- Advanced PCAP analysis
- Malware analysis and reverse engineering
- Advanced scripting and automation
- Network penetration testing
- Advanced threat hunting using frameworks such as HELK


Required Education and Experience

1. Bachelor's degree in Computer Science from a recognized and approved program. An advanced degree is preferred.

2. Strong experience in cybersecurity, including 5+ years in incident response, cybersecurity engineering, and threat intelligence analysis.

3. Holds one of the following certifications:

a. Certified Integrator/Administrator (various SIEMs)

b. Certified Ethical Hacker (CEH)

c. CCNA

4. Ability to manage multiple projects.

5. Understands common protocols such as DHCP, LDAP, SNMP, SMTP, HTTP and SSL.

6. Demonstrates a strong understanding of security concepts, best practices and tools.

7. Understands log formats and source data for the SIEM.

8. Solid experience developing custom parsers.

9. Deep experience integrating the SIEM with other systems.

10. Must have solid information security and threat intelligence knowledge.


This new cybersecurity resource will work REMOTELY for the next several months but will need to be able to come onsite in Long Beach full time after the Covid situation has stabilized. We would prefer a resource who lives in or near Southern CA.


PRASHANT GOYAL
CYBERTEC, INC.
11710 Plaza America Drive
Suite #2000, Reston, VA 20190
Direct
Fax
Email:
URL:
