Engineer Systems III, SEY3/ CND / Incident Response Analyst
Fort Meade, MD, United States
Peraton
Are you looking for an Engineer Systems III, SEY3/ CND / Incident Response Analyst role?
This is what you'll get to do:
- Architecture, administration, and operation of comprehensive monitoring solutions for enterprise networks, hosts, and users for the detection, monitoring, and removal of threats as directed by the appropriate authority.
- Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government provided solutions.
- Creation and maintenance of comprehensive incident response playbooks to streamline response activities, ensuring consistent and efficient responses.
- Correlation of data from multiple sources, including host, network, user, and intelligence reports, to uncover threats.
- Collection, aggregation, and interpretation of log data from various sources.
- Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems, to include fine-tuning security rule sets for tools such as Suricata, Snort, Yara, and Sigma.
- Deep packet inspection and identification of malicious traffic using packet analysis tools, such as Wireshark or Network Miner.
- Hardware configuration and design of deployable network kits that include switches, routers, taps, hypervisors, and network storage devices to ensure seamless integration and optimal performance.
- Analysis of the current state of organizational cyber security policies, certification and accreditation packages, programs, and procedures, and provision of expert recommendations for improvement based on industry best practices.
- Implementation and maintenance of firewalls, VPNs, and security controls to secure a network's perimeter.
- Both static and dynamic malware analysis to determine the function of unknown binaries and identify unique characteristics, leading to the development of indicators of compromise.
- Advanced network and host forensic techniques, such as dead disk forensics, memory forensics, and registry forensics, using tools such as KAPE, Autopsy, Volatility, FTK, and EnCase.
- Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies.
- Perform Cyber Threat Emulation to assess security tools, test mitigations, evaluate controls, and evaluate local defender procedures in a controlled environment.
- Training and development of CPT personnel on foundational areas such as network and host analysis, JQR, Mission qualification, and KSAs related to their assigned work role.
- Applying DCO and Offensive Cyber Operations (OCO) concepts and applications to mission analysis and utilizing them to develop concepts of employment for the CPT and assist in pre-mission planning activities.
- Provide input into DCO mission products such as pre-mission planning briefs, situation reports, post mission documentation, after action reports and lessons learned at the conclusion of events such as operations, exercises, and training.
- Utilization of various threat intelligence sources to improve security posture and provide input into pre-mission product development.
- Active/Current Top-Secret/SCI with polygraph
- Minimum of Bachelor's Degree from an accredited college or university
- Ability to recognize suspicious activity/events, common attacker TTPs, perform logical analysis and research to determine root cause and scope of Incidents
- In-depth knowledge of each phase of the Incident Response life cycle
- 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD of related experience.
- IAT level III or CSSP Incident Responder certification with documented additional education, specialization, or certification in one of the technologies or tools listed below. (JELC)
- 5 years of experience in 8 or more of the 13 below:
- System Architecture
- Network Engineering
- Systems Engineering
- Virtual Environments
- Dead disk and memory interrogations
- Malware analysis/reverse engineering
- Additional Preferred Experience
- SCADA Systems
- Cloud Environments
- Database Administration
- Hunt Methodologies
- SIEM Operations (Splunk/Security Onion)
- System Architecture
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.
Target Salary Range: $112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.