- Create Threat Models to better understand the CBP IT Enterprise, identify defensive gaps, and prioritize mitigations
- Author, update, and maintain SOPs, playbooks, work instructions
- Utilize Threat Intelligence and Threat Models to create threat hypotheses
- Plan and scope Threat Hunt Missions to verify threat hypotheses
- Proactively and iteratively search through systems and networks to detect advanced threats
- Analyze host, network, and application logs in addition to malware and code
- Prepare and report risk analysis and threat findings to appropriate stakeholders
- Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation
- Coordinate with different teams to improve threat detection, response, and improve overall security posture of the
- Expertise in network- and host-based analysis and investigation
- Demonstrated experience planning and executing threat hunt missions
- Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
- Working knowledge of common networking protocols (HTTP, DNS, SMB, etc.)
- Familiar with operation of both Windows- and Linux-based systems
- Proficient with scripting languages such as Python or PowerShell
- Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
- The candidate must currently possess a Top Secret Clearance. In addition to the clearance requirement, all CBP personnel must have a current 5-year background investigation (BI) or be able to favorably pass one.
- Should have 2 years of experience serving as a SOC Analyst or Incident Responder
- Ability to work independently with minimal direction; self-starter/self-motivated
Threat Hunt Analyst with Security Clearance - San Francisco, United States - Gray Tier LLC
3 weeks ago
Description
Primary Responsibilities:
The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
The Cyber Threat Hunter will:
Enterprise Basic Qualifications:
The ideal candidate will have the following qualifications: