We have an outstanding Contract position for a Cyber Detection Engineer to join a leading Company located in the Fairmont, WV surrounding area.
**US Citizenship is required.** **Candidate must possess an Active Interim Top Secret Security Clearance or Adjudicated Secret Security Clearance.** Please click on this link if you have any questions on how to obtain a clearance: https://www.tadpgs.com/obtain_security_clearance
The Cyber Detection Engineer will develop detections based on the intelligence available, then research and assist in implementing new detection methods. This Detection Engineer will ensure that malicious activity will be detected within the environment.
Responsibilities:
- The DE is responsible for quality assurance of detections including filtering for potential false positives, mapping detections to MITRE ATT&CK framework, and specific campaigns/APTs when applicable
- The Detection Engineer will work closely with other analysts to ensure detections are relevant to the current threat landscape
- Work closely with the SIEM team to make recommendations for tuning and detection enhancements
- Evaluate the quality of data resulting from detections and ensure that the output of a detection leads to a meaningful investigation
- Configure tools to detect atomic, computed, or behavioral indicators based on generated tactical intelligence across SOC's detection sensors such as Logging Infrastructure (SIEM, Connector/Forwarder, Data Stream Processing, etc.), Security Sensors (NIDS/NIPS, EDR, Email Protection, etc.), or SOAR
- Develop and implement detection feedback processes - e.g., tuning false positives, etc.
- Use machine learning and pattern analysis to improve the detection of specific types of threats

Basic Hiring Criteria:
- Bachelor's Degree
- Minimum 8 years of prior relevant experience in order to operate within the scope contemplated by the level; a combination of education, experience, and certifications will be considered as part of the qualification assessment
- CEH, GCIH, or relevant IT technology certification
- Must be a US Citizen
- Must have an active Interim Top Secret or adjudicated Secret to be considered for this role

Desired Qualifications:
- Prior experience performing as a SOC analyst
- Prior experience performing similar application security functions
- Strong analytical and troubleshooting skills
- Excellent written and verbal communication skills
- Team player
- Upbeat and positive attitude
- Hands-on cybersecurity experience
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Familiarity with the customer's mission