Cybersecurity Engineer - Mid-Level

Tyto Athene, LLC
$100,000 - $107,000

About The Position

Tyto Athene is searching for a Cybersecurity Engineer - Mid-Level to support a defense customer in Richmond, VA. The position covers incident handling (detection, analysis, triage), threat hunting, malware analysis, SIEM monitoring, and SOC workflow support, as detailed under Responsibilities below.

Requirements

  • 3-7 years of experience in a relevant field.
  • Ensure personnel are compliant with DoDI 8140.02, Identification, Tracking, and Reporting of Cyberspace Workforce Requirements, as set forth in the DoD Cyber Workforce Framework (DCWF). Personnel must hold the required certifications at time of hire and must maintain them for the entire performance period.
  • Ensure Incident Response & Analysis personnel who are also assigned as forensic analysts hold and maintain an industry-recognized computer forensics certification such as the GIAC GCFE, GCFA, or EC-Council CHFI.
  • Ensure Incident Response & Analysis personnel are knowledgeable of industry-standard methods and practices concerning the use and monitoring of intrusion detection products in a production network.
  • Secret clearance required.

Responsibilities

  • Lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management), and Malware Analysis.
  • Analyze information technology cybersecurity events to discern events that qualify as legitimate security incidents as opposed to non-incidents.
  • Conduct security event triage and incident investigation, implement countermeasures, and conduct computer incident response.
  • Monitor the customer's Security Information and Event Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting (e.g. Splunk, Azure Sentinel).
  • Analyze security events (e.g. Windows event logs, network traffic, IDS events) for malicious intent.
  • Track cyber activities within various SOC workflows.
  • View alerts and system logs from various operating systems (e.g. Windows, OS X, Linux) commonly deployed in enterprise networks.
  • View and analyze NetFlow data and packet capture (PCAP).
  • View logs derived from network devices and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS).
  • Assist with preparing, validating, and maintaining security documentation including, but not limited to, the cybersecurity incident response plan, risk assessments, and legal investigations.
  • Conduct SOC Level 1 tasks and duties when needed.
  • Escalate when necessary to Level 3 support, the SOC lead, or the watch officer.
  • Other services and support as needed or directed by the government.

Benefits

  • Health/Dental/Vision
  • 401(k) match
  • Flexible Time Off
  • STD/LTD/Life Insurance
  • Referral Bonuses
  • Professional development reimbursement
  • Maternity/paternity leave