Title: Cyber Threat Engineer
Location: East Coast - Remote
Glocomms is partnered with a Cyber Defense firm in the search for Threat Engineers with TS/SCI Security Clearance to join their creative in-house security team focusing on Threat Hunting, Incident Response, Penetration Testing, and researching innovative cutting-edge tools and technologies to integrate into the firm's and clients' security infrastructure. The firm is focused on creating automation strategies for the improvement of MDR using AI within their Cyber Defense Platform.
Key responsibilities:
- Perform threat hunting and incident response activities.
- Partner with engineers to design and build operational systems and tools.
- Conduct tests and evaluate solutions to ensure effectiveness.
- Assist in various research and development projects by identifying cutting-edge tools and technologies to integrate into the firm's and clients' existing infrastructure. This will include proof-of-concept, stress-testing, presentation, and implementation.
- Conduct thorough investigations to identify the root cause of product issues as well as cyber incidents.
- Assess threat intelligence data and create bespoke analytic rules and signatures.
- Identify, analyze, and contextualize incident indicators.
- Continue to stay up to date on the emerging threat landscape, tools and techniques, threat actor/group TTPs, and MS technologies/APIs.
Requirements:
- Active TS/SCI Security Clearance.
- Bachelor's degree in Computer Science, Cyber Security, Information Systems, or a relevant field.
- 4+ years of hands-on experience with Threat Hunting, Incident Response, Penetration-testing, SecOps Analysis, Intrusion Detection & Response, Threat Intelligence, etc.
- Experience working with MS Defender, Azure Monitor, and Azure Sentinel.
- Knowledge of security frameworks including D3FEND and MITRE ATT&CK.
- Hands-on programming experience using languages such as Python, Java, Go, etc.