- Develop and enhance threat hunting methodologies and hypotheses
- Implement, validate and normalize threat data collection sources
- Improve and enhance threat hunting maturity levels
- Enhance SIEM threat hunting capabilities
- Participate in hunt missions using Threat Hunting Platforms to identify, detect and investigate threats on the enterprise network and/or cloud networks.
- Participate in hunting missions using searching techniques to identify, detect and investigate threats on the enterprise network and/or cloud networks.
- Participate in hunting missions using searching or clustering techniques to identify, detect and investigate threat actors and advanced adversaries on the enterprise network and/or cloud networks
- Attack vectors from MITRE ATT&CK framework
- Perform OSINT collection and threat profile analysis
- Research threat actor analysis and capability
- Current trends and threat landscape
- Build and manage threat research and sharing relationships with sector-based Information Sharing and Analysis Centers (ISACs)
- Participate in incident response as a member of the CSIRT
- Respond to incidents involving malware
- Respond to network-based attacks
- Monitor system events, log files and alerts
- Perform incident detection
- Program and write scripts
- Perform infrastructure and cloud security design
- Install, maintain, and patch security products
- Monitor system events, log files and alerts
- Evaluate new security products and solutions
- Interact with cloud-based platforms
- Harden systems for cyber resilience
- Research new threats, attack techniques and methods
- Participate in business continuity and disaster planning
- Collect, review, analyze, process and enrich open source and/or commercial threat datasets
- Create and deliver technical alerts, reports, and vulnerability notifications
- Gather and record key indicators and information about threat campaigns and infrastructure
- Prepare assessments and cyber threat profiles of current events based on collection, research and analysis of open source information
- Provide intelligence support during incident response and forensic security investigations
- Process and enrich information to ensure timely, actionable, high confidence IOCs are ingested and shareable
- Conduct technical analysis based upon industry accepted threat intelligence analytical frameworks, tools, and standards
- Develop and maintain threat profiles and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Apply technical knowledge of security architectures, tools and controls to proactively detect, mitigate, and resolve advanced cyberattacks and/or threats.
- Must actively hold a TS clearance and be willing to obtain an SCI.
- 5+ years of experience in incident response and threat hunting.
- Hands-on experience with security solutions including SIEM, EDR, UEBA, and SOAR solutions.
- Must have extensive command line experience with Linux.
Security Consultant - Springfield, United States - CyberSN
3 weeks ago
Description
Our client is looking for a Security Consultant (DFIR) to join their team at a well-known cybersecurity firm.
In this role you will perform incident response and threat hunting-related tasks. You will work with various security solutions including SIEM, EDR, UEBA, and SOAR solutions. This is a heavy Linux/CentOS environment, so experience is required. Familiarity with MITRE ATT&CK framework and consulting experience is a plus.
This is a hybrid role in Springfield, VA.
Candidate must be a U.S. Citizen. Candidates must hold an active TS clearance and be willing to obtain an SCI clearance.
For a quicker response, please apply directly to this role here:
Responsibilities:
25% Threat Hunting
20% Incident Response
20% Security Engineering
20% Security Operations
15% Threat Intel
Requirements:
Why CyberSN?
CyberSN is the Cybersecurity Jobs and Career Marketplace. From online matching to full-service recruitment, CyberSN provides professionals and hiring teams with the expertise, information, tools, connections, and services they need to maximize career success, job satisfaction, team performance, diversity, and retention.