Input Technology Solutions
As required by our governmental client, candidates must be US citizens AND hold an active Top Secret or DOE Q clearance to be considered.
The candidate will provide senior technical leadership. This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies. Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry. The Cyber Technical Lead is responsible for advancing the state of analytic techniques and tools. This position is heavily focused on the development of automated solutions within a cybersecurity operations team.
Responsibilities
Serve as a Subject Matter Expert (SME) within the team for technical expertise.
Lead or contribute to projects advancing the state of analytic techniques and tools.
Investigate and develop detections for new and evolving threats.
Analyze escalated alerts in support of network security monitoring operations.
Develop and review high-visibility notifications for enterprise customers.
Review and analyze network packet capture files.
Review and analyze SIEM and IDS alerts.
Review security vulnerability data.
Utilize threat hunting techniques to proactively identify threat activity.
Identify, review, and track malicious code.
Provide customers with remediation recommendations.
Contribute as needed to incident response activity.
Develop use of new services, technology, and products.
Conduct training and coaching sessions for SOC personnel on analytic techniques and tools.
Create, review, and approve new procedural documentation.
Travel up to 10% (mostly for trainings and conferences).
Perform other job-related duties as assigned.
Experience, Education, Skills, Abilities requested:
Bachelor's Degree in Computer Science, Information Systems, Information Security or related technical discipline OR four (4) years professional IT experience in lieu of degree.
Seven (7) years of technical experience, with a preference of experience in network security monitoring/analysis/engineering.
Experience with Splunk Enterprise Security and Phantom.
Experience with programming languages, including Python.
Significant experience with IDS and SIEM rule development.
Excellent knowledge of network and host-based IDS/IPS.
Excellent experience with SIEM technologies.
Experience with SOAR solutions.
Knowledge of Anti-Malware or EDR technologies.
Reporting malicious activity to customer sites.
Knowledge of networking.
Knowledge of common network protocols.
Excellent knowledge of information security principles.
Excellent problem solving and troubleshooting skills.
Excellent verbal and written communication skills.
Excellent technical and business writing skills.
Excellent customer service skills.
Possess DoD approved baseline certifications for IAT Level II and CSSP Analyst (or required to obtain within the first six months of employment).
Pre-Employment Drug Test: Applicants selected for this position must pass a post-offer, pre-employment drug test. This includes testing for use of marijuana as Federal Law applies to us as a Federal Contractor.
Work Schedule: Full-time, hybrid on-site in Las Vegas. Number of in-office and remote days is decided at the discretion of customer. However, it is usually 3 days a week in office and 2 days a week remote.