Cybersecurity Engineer

Electrosoft Services, Inc.

Today
Top Secret
Mid Level Career (5+ yrs experience)
IT - Security
Fort Belvoir, VA (On-Site/Office)

Cybersecurity Engineer

Our client is deeply committed to staying ahead of the evolving threat landscape, continuously innovating to deliver effective and reliable security services that empower their users and customers to confidently navigate the digital world. We are passionate cybersecurity professionals dedicated to making a real difference. If you're driven by a desire to protect organizations from cyber threats and contribute to a safer digital world and want to make a difference for the Department of Defense, this is the place for you.

Duties and Responsibilities:

The Cybersecurity Engineer (CSE) will assist in monitoring customer network traffic, analyze security logs, investigate potential security incidents, and help lead the response when threats are detected. They will also implement security measures, such as firewalls and intrusion detection systems, and provide recommendations to enhance the organization's overall cybersecurity posture. Additionally, they will apply advanced expertise in cyber threats and trends to proactively identify and respond to emerging risks.

Ensure all non-low-risk logs are collected by the SIEM, and ensure alerts are raised if those logs are not received as expected
Regularly review rulesets in our security toolsets, including but not limited to the SIEM, EDR, and NDR. Ensure rulesets have comprehensive coverage for all non-low risks
Conduct detailed technical analysis of IT systems environments from Endpoint, Network, and other technical data
Assist with configuration of cybersecurity tools that are deployed, including Endpoint security systems, Next-Generation Firewalls, Mobile Threat Detection solutions, and Email Security solutions
Identify process improvements and implement solutions to existing processes
Design reporting standards and employ best practices in cybersecurity analysis to provide quality products to non-technical audiences
Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating resolution, and event reporting
Perform mitigation activities for current and residual risk
Assist with project planning and identification of mitigation activities
Proactive monitoring of internal and external-facing environments using specialized security applications
Proactively research and monitor security-related information sources to aid in the identification of threats to networks, systems and intellectual property
Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
Advanced Analysis: Investigate Threat and DLP alerts analyzing patterns to prioritize threats.
Detection & Prevention: Leverage tools to interpret data and prevent security incidents.
Continuous Improvement: Identify trends and suggest improvements for detection policies and practices to enhance our overall security framework.
Collaboration: Work closely with teams across Cyber Defense, Legal, Privacy, and HR during investigations to ensure compliance and resolution.
Incident Reporting: Prepare detailed reports on investigations, incidents, and mitigation strategies, keeping stakeholders informed.
Policy Refinement: Help fine-tune detection tools by providing feedback to the CTO and InfoSec team.

Skills/Experience/Certifications:

5+ years of combined IT and security work experience with broad exposure to systems analysis, application development, and systems administration
Bachelor's degree in Computer Science, Mathematics, Engineering, or another related area of study
3+ years working with a SIEM in a content development or Incident Response role
3+ years of System and/or Network Administration experience
Top Secret Security Clearance
Relevant certification from a nationally recognized technical authority meeting DOD 8570.01 IAT II.
Must possess and maintain DOD 8570.01 CNDSP/CSSP-IR or CSSP-A certification
Understanding of various log formats
Understanding of the MITRE ATT&CK framework
Strong understanding of network architecture
Experience developing & maintaining scripts (preferably using PowerShell, Python or SPL)
Understanding of Defense-in-Depth