Peraton

Cyber Threat Detection Engineer

Peraton, Herndon, Virginia, United States, 22070



Job Locations: US

Requisition ID: 2024-149295

Position Category: Information Technology

Clearance: Public Trust

Responsibilities

We are seeking a Cyber Threat Detection Engineer to develop an automated threat detection process that is customizable, flexible, and repeatable, and produces high-quality alerts for security teams. This role involves designing and implementing processes to accurately detect threats in complex environments, including mainframe, on-premise mid-range, and AWS Cloud environments.

What you will do:

Threat Analysis and Detection:

Develop and implement detection rules and signatures.
Perform threat hunting and analysis to identify potential security incidents.
Utilize SIEM tools to monitor and analyze security alerts.

Automation and Tool Development:

Build automation for repetitive tasks using scripting languages.
Develop custom tools and dashboards to enhance detection capabilities.

Incident Response Support:

Collaborate with incident response teams to investigate and mitigate security incidents.
Provide detailed forensic analysis of network and system activities.

Security Posture Improvement:

Evaluate and enhance the configurations of security tools.
Recommend and implement new security technologies and solutions.

Documentation and Reporting:

Prepare technical reports and present findings to stakeholders.
Maintain up-to-date documentation of security processes and procedures.

Qualifications

Required Qualifications:

2 years with BS/BA. Additional 4 years of experience may be accepted in lieu of the degree.
Experience in creating and tuning alerting rules from a SIEM system and other devices in response to evolving threats.
Proficiency in researching TTPs and developing high-fidelity detections in various tools/languages, including but not limited to ArcSight, OpenSearch, Elastic Stack, Suricata, Snort, Zeek, and Bro.
Experience in log analysis from multiple sources (e.g., firewall, IDS, endpoints) to identify and investigate security events and anomalies.
Expertise in packet-level analysis (e.g., Wireshark, tcpdump, tshark) and a solid understanding of TCP/IP protocols (OSI layers 3-7) for investigating network traffic.
Proficiency in scripting languages (Python, PowerShell, Bash, etc.) for parsing machine-generated data, interacting with REST APIs, and automating repetitive tasks.
Understanding of operating system internals for Windows and/or Linux.
Experience with AWS cloud infrastructure and the security implications of hybrid environments.
Knowledge of attacker tactics, techniques, and procedures.
Familiarity with vulnerability research and exploit development.
Understanding of malware analysis and memory forensics.
Must be a US Citizen.
Must be able to obtain/maintain the required agency clearance.

Preferred Qualifications:

Active Public Trust Clearance.
Previous experience with the Federal Government.

Benefits:

At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.
