Job Title: Defensive Cyber Operations Engineer – Security Validation

Job Type: Full Time

Location: Remote

Clearance: Secret

Who is Ardalyst Defense, LLC?

Ardalyst Defense, LLC is a Maryland, Service-Disabled Veteran-Owned Small Business (SDVOSB) that provides engineering services and technical, analytical and cyberspace operations services to integrated U.S. government agency operations. Ardalyst personnel have decades of direct operations experience in full-scope Cyberspace Operations - at the Service, Joint and National Agency levels.

Are you an Ardalyst?

Ardalyst is a mashup of Ardent, meaning “passionate” and Catalyst, meaning “change agent.” To be an Ardalyst means to be passionate about creating and sustaining meaningful transformations.

Speak Your Mind – Collaboration is at the heart of everything we do and our belief in diversity of people supports our goal for diversity in thought. Ardalysts (that isn’t just what we call ourselves) come ready to contribute and find solutions.

Focus On Your Strengths – We invest in understanding the strengths and weaknesses of each employee so that you can shine at what YOU do best.

See Yourself Grow – Ardalysts have cited being encouraged to take educated risk, kick-start progress, and advance their skills as one of their favorite things about working at Ardalyst and we are determined to keep it that way.

Job Description

We are seeking a Defensive Cyber Operations Engineer to add to our dynamic team. In this role, you will be part of the engineering team responsible for designing and testing future defensive cyber operations (DCO) / security operations (SOC) solutions based on next generation open source and best of breed commercial solutions.

Your primary responsibility is to ensure our customers’ requirements have been realized. You will design testing criteria and perform testing and evaluation of the as-implemented solution to ensure our solution will meet the customer’s needs. Additionally, you will deploy, configure, and utilize a leading-edge breach as a service (BaaS) product to stimulate sensing technologies and analytics. You will work with customers to clarify requirements and engineers to ensure positive outcomes. You will fuse a keen sense of empathy for the customer’s challenges with your hands-on expertise with SOC, DCO, and IT security solutions to delight the customer.

Duties and Responsibilities

• Identify Customer Requirements: Meet with customers to understand and capture their current challenges and opportunities.
• Collaborate effectively: Leveraging the customers’ requirements; partner with sales, developers, engineering, and customer team members to solve issues and provide sustainable solutions.
• Deliver Value: Through developing, deploying, and integrating security validation workflows for our customers.

Required Skills

• Experience implementing and optimizing various SOC/analyst tools: sensing, IDS/IPS, EDR, NDR, XDR, SIEM, SOAR, BAS, big data, and the like.
• Hands-on experience in development, scripting, and/or cloud technologies.
• Experience working in a cross functional team
• Strong verbal and presentation skills.
• Writing and editing technical/functional requirements, design specs, and design documents .

Required Qualifications

• 6 years industry experience in cybersecurity, information technology, cloud, or related roles.
• Bachelor’s degree in engineering, Computer Science, or other similar related field, or 5 additional years of equivalent experience.
• This position requires the ability to obtain and maintain a DoD Secret security clearance.
• The ability to travel to customer sites 0-25% as required.

 Additional Preferred Qualifications

• 2+ years in a technical alert/incident handling role in a defensive cyber operations (DCO) / security operations (SOC) center: triage, investigation, response, forensics, or similar
• Hands-on experience performing formal test development and test execution of technical IT and security solutions.
• Hands-on experience with a Breach-as-a-Service (BaaS) or Breach and Attack Simulation (BAS) product such as AttackIQ, Cymulate, Mandiant Secure Advantage, Caldera, or similar
• Hands-on experience with Azure or Azure Stack HCI
• Understanding of modern threat environments and attack types, as well as secure system design; hands-on experience with any of the following are a plus:
  • Security incident response, vulnerability assessment, or penetration testing
  • Threat modeling, threat analysis, and ATT&CK
• Strong analytical skills, critical thinking skills and problem-solving skills.
• Capability to independently complete project tasks with minimal supervision.
• DevOps and DevSecOps focus with experience building and deploying infrastructure with automation like Ansible, Chef, Puppet, Terraform, etc. with security features and secure system design built in.
• Self-motivated, highly organized and detail oriented with the ability to work independently, prioritize and multi-task.
• Domain-related certifications are a plus, such as from Microsoft, SANS, Offensive Security, ISC2, etc.

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer
• This is a remote / work-from-home role.

Benefits

• Competitive salary commensurate with experience
• Paid Time Off (PTO)
• Paid Holidays
• 401(k) Retirement Plan
• Health, Dental, Vision and Life insurance
• Short Term and Long-Term Disability insurance
• Monetary assistance with training and certifications

Disclaimer

Ardalyst Defense, LLC is an EOE that empowers employees, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to meet and exceed customer expectations and thrive in a collaborative and dynamic work environment.