Job Duties:

• Conducts software and systems engineering to develop new capabilities, ensuring cybersecurity is fully integrated across the enterprise.
• Conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
• Install, configure, troubleshoot, and maintain hardware and software, and administers system accounts.
• Research and analyze the latest information security vulnerabilities, threats, exploits, trends and intelligence.

Required Skills:

•  U.S. Citizen
• Active TS/SCI
• At least three years of Gov't IT experience.
• Individual must have high degree of skills with the MS Office toolsets.
• Applicant must possess refined critical thinking skills, should be a self-starter, may direct the activities of other team members, diplomatic, multi-task capable, adaptive to a dynamic environment, dependable and reliable.
• Prior experience in a government consulting services environment is required. 
• Proficient w/ Splunk Processing Language (SPL), ELK Lucene Query Syntax or other search/analytics tool.
• Proficient with programming/scripting fundamentals – including regex, C , Python, RHEL, Unix Scripting, and Windows PowerShell is required. Linux /Red Hat; RHEL 7.
• More than three (3) years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis, and response.
• Understanding of SIEM "Search" Language & Lucene Query Syntax.
• Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes.
• Knowledge of knowing how to customize Dashboards via the XML source.
• Experience with SIEM Apps and ELK.
• Experience with Python Scripting. Programming experience in Python, C/C , Java, or Go.
• Demonstrated expertise with malware analysis, including investigations of botnet and root-kit behavior.
• Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography). Network Security Devices (IDS/IPS, NGFW, WAF, NGAV). OSSEC, Snort, Suricata Experience.
• Experience with at least one SIEM i.e Alienvault, Logrhythm, Splunk, Qradar , ELK and Firewalls such as Fortinet, Sonicwall, and Palo Alto. Scanning technologies, Log collection and analysis tools (SIEM).
• Experience with Scripting/Programming Languages (BASH, Python, Java, etc). Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects).
• GCFA and C or GCFA Python & all required IAT Level III requirements met