Signature Federal Systems is Hiring a Detection Engineer/Splunk Content Developer with Security Clearance Near McLean, VA
Position Description:
Subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to:
- Network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls
- Proxy
- Splunk Enterprise Security

Responsibilities:
- Manages and administers the tuning of rules, signatures, and custom content for specialized CND applications and systems.
- Identifies potential conflicts with implementation of any CND tools within the enterprise and develops recommendations to remediate these conflicts.
- Manages inter-agency relationships with partner organizations to facilitate mission execution.
- Innovates creative solutions to challenging problems.
- Provides logical use case development.
- Provides and tracks requirements to engineering partners.
- Identifies gaps in visibility or coverage of cyber defense systems.
- Prepares and briefs management and partner organizations on current state/proposed solutions.
- Prepares data analytics and reporting.

Required Experience/Skills:
- Excellent interpersonal, organizational, writing, communications, and briefing skills.
- Strong analytical and problem-solving skills.
- Demonstrated expertise utilizing SIEM tools for use case development and application.
- Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, or Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, and data management.

Familiarity with the following classes of enterprise cyber defense technologies:
- Incident Response analysis
- Splunk Enterprise Security
- Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
- Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
- Security Orchestration, Automation and Response (SOAR)
- Endpoint and Network Detection and Response (EDR/NDR)
- User Behavior Analytics (UBA)
- Network and host malware detection and prevention
- Network and host forensic applications
- Web/Email gateway security technologies

Demonstrated experience in the following preferred:
- Splunk ES
- Python
- MITRE ATT&CK
- Jira
- Tanium
- Carbon Black
- McAfee ePO/NSM
- Palo Alto Networks