Detection Engineer

Allyon, Inc.

Ashburn, VA
Full Time
Paid
    Responsibilities

    Summary:

    Allyon, Inc. is an established IT and Healthcare Services firm and we love what we do! It makes our day when we are able to help talented individuals achieve their career goals while at the same time helping our clients build quality teams. If you are interested in joining the Allyon Team, please apply or submit your resume for review today!

    Job Title:

    Detection Engineer

    Duties & Responsibilities:

    • Identify gaps in malicious activity detection capabilities
    • Create new signatures / rules to improve detection of malicious activity
    • Test and tune existing signatures / rules to ensure low rate of false positives
    • Assist in playbook development for alert triage and Incident Response
    • Define and implement alert and threat detection metrics, statistics, and analytics
    • Recommend new tools/technologies to improve network visibility
    • Support Incident Response and Forensic operations as required to include static/dynamic malware analysis and reverse engineering
    • Author and maintain scripts for threat detection and automation

    Minimum Requirements:

    • In-depth knowledge of Firewalls/Proxies/Intrusion Detection Systems/Domain Name Servers/DHCP/VPN and other network technologies and tools
    • Experience updating, maintaining, and creating IDS variables within a complex enterprise network
    • Expert in creating, modifying, and tuning IDS signatures/SIEM Correlation Searches/YARA rules and/or other detection signatures
    • Familiarity with disk-based forensic methodologies and Windows and Linux forensic artifacts
    • Experience with Endpoint Detection and Response (EDR) tools such as Carbon Black, Tanium, CrowdStrike, etc.
    • Able to create, modify, update, and maintain Python and PowerShell scripts that enhance endpoint detection capabilities
    • In-depth knowledge of attacker tactics, techniques, and procedures
    • Author, test, and maintain automation scripts within a SOAR platform
    • The candidate must currently possess a Secret Clearance. In addition to the clearance requirement, all CBP personnel must have a current, or be able to favorably pass a, 5-year background investigation (BI).
    • BS degree in Science, Technology, Engineering, Math or a related field and 8 years of prior relevant experience with a focus on cyber security, or a Master's degree with 6 years of prior relevant experience.
    • Should have a minimum of 5 years of experience serving as a digital media analyst or as a computer forensic analyst.

    One of the following:

    Tier 2 (Response/DMA):

    • GCIH – Incident Handler
    • GCFA – Forensic Analyst
    • GCFE – Forensic Examiner
    • GREM – Reverse Engineering Malware
    • GISF – Security Fundamentals
    • GXPN – Exploit Researcher and Advanced Penetration Tester
    • GWEB – Web Application Defender
    • GNFA – Network Forensic Analyst
    • OSCP (Certified Professional)
    • OSCE (Certified Expert)
    • OSWP (Wireless Professional)
    • OSEE (Exploitation Expert)
    • CCFP – Certified Cyber Forensics Professional
    • CISSP – Certified Information Systems Security Professional
    • CCNA Security
    • CCNP Security
    • CEH – Certified Ethical Hacker
    • CHFI – Computer Hacking Forensic Investigator
    • LPT – Licensed Penetration Tester
    • ECSA – EC-Council Certified Security Analyst
    • ENSA – EC-Council Network Security Administrator
    • ECIH – EC-Council Certified Incident Handler
    • ECSS – EC-Council Certified Security Specialist
    • ECES – EC-Council Certified Encryption Specialist
    • EnCE
    • Windows Forensic Examinations – FTK (WFE-FTK)
    • Computer Incident Responders Course (CIRC)
    • Windows Forensic Examination – EnCase – Counter Intelligence (CI) (WFE-E-CI)
    • Forensics and Intrusions in a Windows Environment (FIWE)

    Other:

    • SANS Global Information Assurance Certification (GIAC) Certified Intrusion Analyst (GCIA)
    • SANS Global Information Assurance Certification (GIAC) Certified Forensic Analyst (GCFA)
    • SANS Global Information Assurance Certification (GIAC) Certified Network Forensic Analyst (GNFA)
    • Certified Information System Security Professional (CISSP)

    What we Offer:

    • Competitive pay and benefits
    • 401k eligibility after 6 months of employment

    How to Apply:

    Please submit your resume below for this opportunity. To view other positions available, visit our careers page at https://jobs.crelate.com/portal/allyon/

    Allyon, Inc. is an equal employment opportunity (EEO) employer, and terms of employment are without regard to race, color, religion, sex, national origin, age, disability or genetics. Allyon, Inc. complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment.