Jobs at Sharp Solutions, Inc.

View all jobs

476. SIEM Content Developer

Leesburg, VA
logo.png
SSi has principals that are an integral part of the organizations characteristic and are fundamentally essential to the shaping of everyday activities that connect to our broader mission and vision. As an organization SSi is committed to:
 
Foster a culture of innovative and out of the box thinking: 
We fundamentally understand that each employee has something unique to offer to the organization.  We foster a culture that nourishes innovation by empowering staff, leverages their passions, and encompasses a circle of trust where it’s all about thinking of new ideas and getting good feedback.
 
Invest in our Resources
Employees are essential, their physical and mental well-being are pivotal to the growth of our organization.  Our company culture, productivity, and overall employee happiness stem directly from how much training, responsibility, and empowerment they have within our organization. Our focus is on improving the growth of individual through education, allowing them to play central roles, so they can grow and add value to the company.
 
Provide solutions that are in the best interest of the customer and improve their strategic posture
We are in business to serve our customers and do what is in their best interest. Our philosophy is to offer services that are complete.  We strive to provide services that do more than meets the eye, to achieve more than superficial results and to help the business improve in areas that they may not have considered.
 
Give thoughtful considerations to our actions and their affects
We give thoughtful consideration to each other’s differences and opinions. We must give our individual best to get the job done right. Everyone is accountable for their behaviors, exercising rational judgment, and giving thoughtful consideration to their professional activities and decisions.

Currently we have an immediate need to add an experienced professional to our staff:

SIEM Content Developer
Location: Leesburg, Va - Remote
Shift: Regular Days (non-shift work)

Primary Responsibilities:
Experience with creating and implementing custom IOCs and IOAs in Crowdstrike

Experience with triaging and investigating hosts using Crowdstrike

Experienced with updating McAfee AV signatures

Experience with creating and maintain custom Tanium packages for collecting artifacts for continuous monitoring

Provide recommendations for tuning and/or triaging notable events

Perform critical thinking and analysis to investigate cyber security alerts

Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)

Collaborate with team members to analyze an alert or a threat

Stay up to date with latest threats and familiar with APT and common TTPs

Utilize OSINT to extrapolate data to pivot and identify malicious activity

Have experience with dynamic malware analysis

Have experience performing analysis of network traffic and correlating diverse security logs to perform recommendations for response

Utilize the Cyber Kill Chain and synthesize the entire attack life cycle

Review and provide feedback to junior analysts’ investigation

participate in discussions to make recommendations on improving SOC visibility or process

Contribute to SOP development and updating

Provide expert guidance and mentorship to junior analysts

Basic Qualification:
All candidates shall have a minimum a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS eight (8) years of experience in incident detection and response, malware analysis.

Certifications- must have one of the following!
SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GISF, or GCIH

EC Council: CEH, CHFI, LPT, ECSA

ISC2: CCFP, CCSP, CISSP CERT CSIH

Offensive Security: OSCP, OSCE, OSWP and OSEE

 
SSi is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. SSi also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with disabilities. 
Powered by