Content Developer SIEM with Security Clearance
Job Description Maximize your potential with IntelliGenesis! IntelliGenesis LLC has supported Department of Defense and Intelligence Community customers since 2007 by providing next generation capabilities for:
Offensive & Defensive Cyber Services, National Security Cyber Training, Data Science & Decision-Making Analytics, Intelligence Analysis, and Intelligence Solutions EngineeringIntelliGenesis offers an extremely competitive and generous benefits package that provides employees with both professional and personal satisfaction and growth while keeping focus on supporting the missionAdditionally, our employees enjoy a company culture that emphasizes the importance of family and work/life balanceOur benefits include:
Medical, Dental and Vision Insurance, 25 days of PTO with the option to purchase up to an additional 5 days, 12 paid holidays, up to 10% 401k match, Annual Individual Technology Budget, Unlimited Education/Training Reimbursements, and much more! Job Duties:
o Analyze DCO events.
Apply current industry SIEM best-practices.
Use security alerts correlated with log enrichment data to enhance the operator's ability to identify real attacks.
Establish security control effectiveness and monitor for unauthorized outbound connections Create detections by analyzing log data across the enterprise.
o Develop dashboards and visualizations to identify adversarial activity.
o Use log data to establish and implement virtual tripwires for early detection.
Analyze and ingest security logs into the SIEM in order to optimize for performance of the SIEM.
Conduct designing, implementing, and testing of various SIEM solutions.
o Create and support the creation of SIEM Use Cases and understand what alerts and log enrichment is necessary to meet the required acceptable false positive rate.
o Create, test, and validate filters and rules.
o Build and implement event correlation rules, logic, and content in the SIEM.
o Tune SIEM event correlation rules and logic to filter out security events associated with known and well established network behavior, known false positives and/or known errors.
Analyze malware threats to develop behavior based detections that alert and/or prevent malicious activity.
Automate tasks in the SIEM using a common programming or scripting language.
Create scheduled and ad-hoc reporting with SEIM tools.
o Create and maintain SIEM documentation.
o Develop and execute a process to review and maintain SIEM resources such as rules, filters, lists, trends and reports.
Utilize SIEM to develop metrics collection, analysis, and create reports upon request.
Provide training to government personnel as requested.
Provide knowledge transfer of tools, processes and procedures to government personnel as requested.
Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
o Create, document, and report metrics for analysis to improve weapon system processes and mission execution.
o Support operational leaderships tasking as it relates to Content Development functions and responsibilitiesRequirements Skills:
o U.
SCitizen DoDD 8570.
01-M/8140.
01 I AT Level III CND Active TS/SCI More than 5 years of SIEM technology such as ArcSight, Splunk, and/or ELK.
More than 3 years with network traffic analysis, ports, and protocolsBA/BS or MA/MS More than five (5) years of SIEM technology such as Arcsight, Splunk and/or ELKIncluding, but not limited to, log handling, reports, filters, rule creation.
Extensive knowledge with IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.
e.
, Air Force, Navy, Army, DC3, DISA).
More than three (3) years of experience with Network Traffic Analysis; ports and protocolsSANS GCDA or equivalent certification(s).
Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.
g.
, Open Source projects)Desired Skills:
o Additionally, more than one (1) year of experience with Security, Orchestration, Automation, and Response (SOAR) platforms such as Phantom and/or Demisto.
Proficient in Python and PowerShell.
IntelliGenesis, LLC is an EOE M/F/D/V Recommended Skills Assessments Automation Computer Networks Dashboard Metrics Open Source Technology Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3p75p6z1qw346p81f1', 'ExternalApply-j3p75p6z1qw346p81f1'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
Offensive & Defensive Cyber Services, National Security Cyber Training, Data Science & Decision-Making Analytics, Intelligence Analysis, and Intelligence Solutions EngineeringIntelliGenesis offers an extremely competitive and generous benefits package that provides employees with both professional and personal satisfaction and growth while keeping focus on supporting the missionAdditionally, our employees enjoy a company culture that emphasizes the importance of family and work/life balanceOur benefits include:
Medical, Dental and Vision Insurance, 25 days of PTO with the option to purchase up to an additional 5 days, 12 paid holidays, up to 10% 401k match, Annual Individual Technology Budget, Unlimited Education/Training Reimbursements, and much more! Job Duties:
o Analyze DCO events.
Apply current industry SIEM best-practices.
Use security alerts correlated with log enrichment data to enhance the operator's ability to identify real attacks.
Establish security control effectiveness and monitor for unauthorized outbound connections Create detections by analyzing log data across the enterprise.
o Develop dashboards and visualizations to identify adversarial activity.
o Use log data to establish and implement virtual tripwires for early detection.
Analyze and ingest security logs into the SIEM in order to optimize for performance of the SIEM.
Conduct designing, implementing, and testing of various SIEM solutions.
o Create and support the creation of SIEM Use Cases and understand what alerts and log enrichment is necessary to meet the required acceptable false positive rate.
o Create, test, and validate filters and rules.
o Build and implement event correlation rules, logic, and content in the SIEM.
o Tune SIEM event correlation rules and logic to filter out security events associated with known and well established network behavior, known false positives and/or known errors.
Analyze malware threats to develop behavior based detections that alert and/or prevent malicious activity.
Automate tasks in the SIEM using a common programming or scripting language.
Create scheduled and ad-hoc reporting with SEIM tools.
o Create and maintain SIEM documentation.
o Develop and execute a process to review and maintain SIEM resources such as rules, filters, lists, trends and reports.
Utilize SIEM to develop metrics collection, analysis, and create reports upon request.
Provide training to government personnel as requested.
Provide knowledge transfer of tools, processes and procedures to government personnel as requested.
Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
o Create, document, and report metrics for analysis to improve weapon system processes and mission execution.
o Support operational leaderships tasking as it relates to Content Development functions and responsibilitiesRequirements Skills:
o U.
SCitizen DoDD 8570.
01-M/8140.
01 I AT Level III CND Active TS/SCI More than 5 years of SIEM technology such as ArcSight, Splunk, and/or ELK.
More than 3 years with network traffic analysis, ports, and protocolsBA/BS or MA/MS More than five (5) years of SIEM technology such as Arcsight, Splunk and/or ELKIncluding, but not limited to, log handling, reports, filters, rule creation.
Extensive knowledge with IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.
e.
, Air Force, Navy, Army, DC3, DISA).
More than three (3) years of experience with Network Traffic Analysis; ports and protocolsSANS GCDA or equivalent certification(s).
Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.
g.
, Open Source projects)Desired Skills:
o Additionally, more than one (1) year of experience with Security, Orchestration, Automation, and Response (SOAR) platforms such as Phantom and/or Demisto.
Proficient in Python and PowerShell.
IntelliGenesis, LLC is an EOE M/F/D/V Recommended Skills Assessments Automation Computer Networks Dashboard Metrics Open Source Technology Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3p75p6z1qw346p81f1', 'ExternalApply-j3p75p6z1qw346p81f1'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
