HireTalent | Herndon (VA), 3 mi from Reston
The Senior Systems Security Engineer is responsible for designing and administering compute and network solutions. This position provides technical design, assistance and support related to desktop and server systems, hardware, or software.
Responds...
Byte Systems LLC | Herndon (VA), 3 mi from Reston
Candidate MUST possess a TS/SCI clearance with Intel Polygraph
Senior Principal Information Assurance/Security Engineer
{will accept higher or lower levels if candidate qualifies}
As a Computer Systems Security Analyst on the TALOS program, you...
KBR | Springfield
Systems Engineering experience with Model-Based Systems Engineering (MBSE) applications and technology. Architecture Systems Engineer to join our team supporting our customer in Chantilly VA that. We engineer spacecraft command and control systems and process the resulting collected data into useful...
Two Six Technologies | Arlington
Two Six Technologies is looking for a Principal Embedded Software Engineer to join our team in Arlington, Virginia. The team is composed of intellectual individuals, passionate about embedded cybersecurity research. The team is growing and looking for someone with a low-level software development ba...
Space Ground System Solutions (SGSS) | Alexandria
BS in Computer Science/Engineering or other relevant Engineering field from an accredited university or equivalent combination of formal education and experience. Space Ground System Solutions, a Parsons company, has an immediate full-time opening for a software engineer in Alexandria, VA.
VMOC is a ...
Booz Allen Hamilton | Chantilly
Ability to obtain Security+ CE, SSCP, CCNA-Security, or GSEC Certification within 6 months of hire. Are you looking for an opportunity to develop a data platform that will have an impact on rapid exploitation and sharing of multi-INT information across the intelligence community?
Solid platform dev...
Capital One | Mc Lean (VA), 6 mi from Reston
Center 3 (19075), United States of America, McLean, Virginia
Manager, Endpoint Security Engineer
Do you love building and pioneering in the technology space? Do you enjoy solving complex technical problems in a fast-paced, collaborative, inclusive...
Capital One | Mc Lean (VA), 6 mi from Reston
Center 3 (19075), United States of America, McLean, Virginia
Principal Associate, Security Engineer (CyberArk)
Do you love building and pioneering in the technology space? Do you enjoy solving complex technical problems in a fast-paced...
Cyber Detection Analyst (Cloud)
Byte Systems LLC | Reston | www.resume-library.com |
Candidate MUST possess a TS/SCI clearance with Intel Polygraph
Job Description:
The Cloud Cyber Incident Responder on this Cyber Security support contract performs the following duties:
Perform cyber analysis and response, detection engineering, and automation for commercial cloud environments
Develop metrics and reporting to inform the customer of identified risks to their environment.
Create and modify SIEM dashboards to clearly identify scope of findings or monitor activity.
Identify patterns/outliers within data sets that match threat actor TTPs, post compromise behavior, and otherwise unusual activity, such as insider threat.
Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify IOCs.
Track investigations to resolution and provide an after-action report as required.
Identify misuse, malware, or unauthorized activity on monitored networks
Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches
Assist in coordination during incidents
Identify intrusions utilizing various detection and prevention systems and other security event data sources on 24x7x365 basis
Analyze intrusion related data to determine root cause and identify follow on activity while coordinating with Incident Handlers, Hunters, and various partners
Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs, to include NetFlow, metadata, and pcap analysis
Contribute to the tuning and filtering of events and information, creating custom views and content using all available tools
Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event
Contribute to the development of playbooks and procedures for handling each security event detected.
Required Skills:
Requires Bachelor's degree or equivalent and minimum 5 years of related experience. OR 4 additional years of experience in lieu of degree
Minimum of 5 years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management.
Familiarity with the following classes of enterprise cyber defense technologies
Security Information and Event Management (SIEM) systems to include Splunk ES, Elk, Sentinel, Chronicle
Sysmon
Azure
AWS
GCP
Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
Network and Host malware detection and prevention
Network and Host forensic applications
Web/Email gateway security technologies
Log aggregation tools
Optional Skills:
MUST be a US Citizen with a U.S. Government clearance - Intel with Polygraph
NOTE: Must have an active TS-SCI with poly. No sponsorships or upgrades are available. Submissions without this requirement will not be considered. H1-B holders will not be considered.
Benefits:
5 week paid vacation + 10 gov't holidays
15% contribution to 401k
LTD, STD disability and life insurance
Paid health, dental, and vision for employee and family.
$5000 annual training expense reimbursement
Computer purchase plan