- Develop and implement detection feedback processes e.g., tuning false positives, etc
- Use machine learning and pattern analysis to improve detection of specific types of threats
Cyber Detection Engineer with Security Clearance - Fairmont, WV, United States - TMC Technologies
Description
TMC is in search of a Cyber Detection Engineer to develop detections based on intelligence available, then research and assist in implementing new detection methodsThis Detection Engineer will ensure that malicious activity will be detected within the environment
The DE is responsible for quality assurance of detections including filtering for potential false positives, mapping detections to MITRE ATT&CK framework, and specific campaigns/APTs when applicable
The Detection Engineer will work closely with other analysts to ensure detections are relevant to the current threat landscape
DE will work closely with the SIEM team to make recommendations for tuning and detection enhancements
The DE will evaluate the quality of data resulting from detections and ensure that the output of a detection leads to a meaningful investigation.
Additionally, due to federal contract requirements, the candidate must be a US citizen and possess a minimum of an active Secret clearance to startThe Cyber Detection Engineer will have the following responsibilities: - Configure tools to detect atomic, computed or behavioral indicators based on generated tactical intelligence across SOC's detection sensors such as Logging Infrastructure (SIEM, Connector/Forwarder, Data Stream Processing, etc.), Security Sensors (NIDS/NIPS, EDR, Email Protection, etc.)
, or SOARPrior experience performing as a SOC analyst Prior experience performing similar application security functions Strong analytical and troubleshooting skills Excellent written and verbal communication skills Team player CEH, GCIH, or relevant IT technology certification
Preferred Qualifications:
Active TS clearance Bachelor's degree or higher in technical field of study Upbeat and positive attitude Hands-on cybersecurity experience
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vector, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
Familiarity with the NOAA mission
We are equal opportunity/affirmative action employers, committed to diversity in the workplace
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local law.