Responsibilities

Peraton is currently seeking a Senior Security Engineer to join our team of qualified, diverse individuals. The Senior Security Engineer is responsible for utilizing tools such as SPLUNK to enhance monitoring capabilities and perform monitoring duties as well as expanding on the security posture of the current environment. Supports Security Operations by threat hunting and security monitoring. Builds out processes and procedures to include documenting work in SOPs. Coordinates with internal and external teams to address threats and risks via investigation and forensic analysis. 

Able to perform direct and advisory roles in oversight planning and implementation of projects and initiatives. Advise management and team members of risks associated with technologies and implementation approaches and identify methods of risk mitigation. Support problem resolution and identify process improvements. Interface as needed at multiple levels of management, providing information and thought leadership in technical areas. 

Day to Day Work Responsibilities: 

• Experience with implementing, and operating Splunk or other big data platforms
• Developing custom dashboards, data models, reports, alerts, and performance optimization for Splunk.
• Developing complex queries using Splunk Query Language for use in advanced dashboard and alerts to promote advanced searching, forensics, and analytics.
• Recognizing and on-boarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
• Developing and documenting configuration standards, policies, and procedures for operating, managing and ensuring the security of system infrastructure.
• Participating in incident, problem, and change management processes.Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support Incident Response Teams (IRTs). 
• Developing documentation on new or existing systems.
• Providing system/equipment/specialized training and technical guidance.
• Communicating with customers and teammates clearly and concisely.Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. 
• Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Perform analysis of log files from a variety of sources (g.individual host logs, network traffic logs, firewall logs, and intrusion detection system {IDS} logs) to identify possible threats to network security. 

SHIFT: 1st Shift - Monday through Friday

Location: 1616 Fort Myer Drive, Suite 700, Arlington, Virginia 22209

#LI-DP1

Qualifications

Basic Qualifications:  

• US Citizenship required and an active Secret clearance with the ability to obtain a Top Secret clearance
• BS degree and 10 to 12 years, experience or MS degree with 8 to 10 years, experience or a high school diploma/equivalent with minimum 14 years, experience 
• 5 years of related systems engineering experience - primarily in a government environment, dealing with business critical, high availability systems.
• Experience configuring and utilizing monitoring/logging and security analysis solutionsStrength in multitasking and pritorization in order to meet periodically changing deadlines 
• Self-starting and able to drive projects to completion in a fast moving environment 
• Solid communications skills, both written and verbal. Able to create, discuss and explain technical documentation.
• Development of documentation for engineering from requirements and architectural designs, and diagrams. 
• Understanding of system, network, and application security threats and vulnerabilities with the ability to establish monitoring solutions.
• Ability to identifying different tactics and techniques of attacks.
• Strong log analysis skills.
• Strong ability to identify logging and monitoring requirements.
• Understanding of TCP/IP and UDP protocols, network ports/protocols, and traffic flow.
• Understanding of Boolean logic and event correlation.
• Recommend and implement system enhancements that improved the performance, security, and reliability of the system
• Strong knowledge of data analysis
  • Experience implementing and monitoring security controls
  • 5 years SOC or Cybersecurity related (required)
  • Security CE or other 8570 IAT level II certification (required)
  • Certified Splunk Power User or higher (required)
  • 2 years of Splunk Application Administration experience
  • Experience creating advance Splunk dashboard (required)
  • 4 years querying and manipulating data with at least 2 experience with SPL (required) with knowledge of data types, conditions, and regular expressions.

Preferred Qualifications:

• A strong work ethic
  • Ability to examine issues both strategically and analytically
  • Experience writing regular expressions
  • Experience with Microsoft Sentinel
  • Experience with DevSecOps concepts, tools and automation skills
  • Knowledge of TCP/IP, networking essentials, components, data flows, protocols, and authorization boundaries
• Knowledge of cybersecurity frameworks and standards
  • Knowledge of cloud security
  • Knowledge of current IT security best practices
  • Knowledge of system administration, networking, and operating system hardening techniques
  • Mixed operating systems experience: (Linux, Windows)
  • Experience troubleshooting issues related to storage
  • Scripting/coding experience

• Knowledge of F5 Application Security Manager (ASM) concepts and techniques.

Peraton Overview

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.

An Equal Opportunity Employer including Disability/Veteran.

For Colorado Residents