Recro gets its name from the Latin for "Re-invent", which is exactly what we aim to do. We transform our clients' operations through holistic full-stack solutions. Each client's needs are individually met, resulting in tailored solutions that work for the present and well into the future. Many of our staff hold high-level United States Government security clearances, and our experience across sectors brings you a unique advantage. Recro leadership strongly believes in putting our people first. We focus on hiring passionate individuals and seek to remove barriers and enable our personnel to deliver. We are experienced in Consulting, Analytics, Digital Solutions, Software Development, Cloud, Cloud-Native, and Cyber Security.
Currently, Recro is seeking a motivated, career- and customer-oriented Cyber Engineer (FireEye) to join our team in McLean, VA.
Clearance
• TS/SCI
Responsibilities:
- (Blue Team) Cyber Network Infrastructure and Operations Engineer with strong cyber security, Defensive Cyber Operations (DCO) and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development and direct customer mission support.
- Capable of designing, building, and maintaining IDS/IPS capabilities that enable cyber hunt activities for enterprise teams responsible for active hunting for threats and reporting on findings, with familiarity of supporting partner technologies including EDR, NDR, DLP, and others.
- Cyber Incident Response capability engineer will be responsible for architecting, engineering, and operating capabilities to support Cyber Hunt analysts.
- Responsible for converting tools, techniques and processes into automated capabilities.
- Responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support and system training to end users.
Qualifications:
- 2+ Years of experience with one or more of the following tools: Suricata, Snort, Zeek, FireEye HX, Endgame, Corelight
- 5+ Years of Linux System Architecture, Engineering, Design and Support (RHEL, CentOS, Oracle Linux, etc)
- Deep understanding of network traffic analysis methods (e.g., tcpdump, Wireshark, Bro/Zeek) and core networking fundamentals (TCP/IP, OSI Model)
- Architecting / Engineering / Deploying / Sustaining Network Traffic Analysis tools leveraging both Open Source and Commercial Off the Shelf Capabilities
- Familiarity with implementing STIG / NIST / OSCAP frameworks on Linux Operating Systems
- Familiarity with reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YML, XML)
- Familiarity with data flow and tooling configurations related to connections for SIEMs (e.g., Splunk, QRadar, ArcSight, ELK)
- Active TS/SCI clearance; willingness to take a polygraph exam
- HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate's degree and 5+ years of experience with supporting IT projects and activities, Bachelor's degree and 3+ years of experience with supporting IT projects and activities
- Active DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND
- Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider (CSSP) - Infrastructure Support (IS) certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND prior to start date
Preferred Qualifications:
- Familiarity with collecting data from a variety of cyber defense resources (e.g., CVE, OSINT)
- Proficient in various query languages (SQL, Lucene, JEXL, KQL (Kusto and Kibana))
- Experience with dashboarding/visualizations (Power BI, Superset, Kibana)
- Familiarity with SOARs (e.g., Sentinel, CORTEX, X-SOAR)
- Familiarity with cloud providers and environments (Azure, AWS, Google Cloud Platform)
- Developing and deploying threat detection signatures
- Detecting host and network-based intrusions
- Recognizing and categorizing types of vulnerabilities and associated attacks
- Experience scripting in PowerShell and BASH command line interfaces or in Python or Perl scripting languages
- Experience designing, building/provisioning using Ansible, Chef, etc.
- Experience designing, building, deploying, and maintaining infrastructure in cloud environments with tools such as GitLab CI, Ansible Tower, JIRA, Jenkins, Satellite, etc.
- Familiarity with VMware, ESXi, and vSphere
Benefits at Recro
- 100% paid medical, dental, and vision
- 401k - 6% matching and 401k profit sharing
- PTO - 120 Hours
- Federal Holidays
- Education and Tuition Reimbursements
- Wellness Benefits
- A lot of cool gear!
Working at Recro
- A Great Culture - We are building a culture at Recro where amazing people (like you) can do their best work. If you are ready to grow your career and recro (re-invent) the way our clients operate, you have come to the right place.
- A Great Place to Work - Employees are treated like people, not line items. We work smart when we can and hard when we must but we always do it together, as a team. We are a team with tons of passion and enthusiasm to blaze new trails and improve the state of our clients, the broader community, and even the world.
- A Great Place to Contribute - We believe diverse perspectives improve each challenge that we face. We trust and enable our amazing people to accomplish amazing feats. At Recro, you will be empowered to deliver your best work.
- A Great Place to Grow - We believe in our people and maximizing your potential. At Recro, we continue to look into the future and invest in each other through teamwork, collaboration, and training.