SITEC - Threat Detection Engineer - MacDill AFB

PeratonTampa, FL
114d$104,000 - $166,000
Match Resume

About The Position

Peraton requires Threat Detection Engineers to support the Special Operation Command Information Technology Enterprise Contract (SITEC) - 3. This position is located at MacDill AFB in Florida. The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps) to include performing Defensive Cyber Operations (DCO) services, and supporting the Cybersecurity Service Provider (CSSP) to protect, monitor, analyze, detect, and respond to cyber incidents. Threat Detection Engineers develop, implement, and drive continuous improvement of threat detection capabilities and engineering solutions throughout the USSOCOM enterprise.

Requirements

  • 8 years with BS/BA, 6 years with MS/MA, 10 Years with AS/AA or 12 years with HS.
  • A DoD TS/SCI clearance is required.
  • IAT 2 and CSSP Analyst OR CSSP Incident Responder.
  • Prior Cybersecurity detection and response experience.
  • Experience in maintaining comprehensive documentation.

Nice To Haves

  • GIAC Certified Incident Handler Certification (GCIH).
  • CompTIA Advanced Security Practitioner (CASP+/SecurityX).
  • Ability to communicate security issues clearly to both technical and non-technical stakeholders.
  • Strong understanding of security technologies used to defend Enterprise networks such as EDR, XDR, IDS, IPS, SIEM and SOAR.

Responsibilities

  • Lead internal and external Purple Team engagements to validate continuous hardening of SOCOM networks and enable successful detection and response during real-world cybersecurity incidents and Red Team assessments.
  • Lead integration of data from multiple security tools to detect complex, multi-step attacks with high accuracy.
  • Explore and implement security technologies and methodologies to modernize security infrastructure and processes.
  • Work with the Active Cyber Defense team to design and execute realistic attack simulations that test the effectiveness of current detections.
  • Regularly update the Sysmon configuration used for endpoint monitoring to reflect evolving threat landscapes, ensuring coverage of new event types and attack techniques aligned with MITRE ATT&CK.
  • Create and maintain comprehensive documentation of threat detection rules, processes, and technologies.
  • Optimize existing detections and automation for accuracy, performance, and resilience against evolving adversary TTPs.
  • Collaborate with Incident Response (IR) to refine detections and automated workflows based on after-action reports.
  • Develop and tune detection rules, behavioral analytics, and signatures based on CTI and threat hunt findings.
  • Design, validate, and maintain automated response playbooks, workbooks, and orchestration workflows.

Benefits

  • Salary range: $104,000 - $166,000, determined by various factors including experience, education, and geographic location.
  • Eligibility for overtime, shift differential, and discretionary bonus in addition to base pay.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Industry

Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service