Job Description

Please Let me know your Interest and rate for this position.

Phone/Skype Hire. Remote

Location: Remote

Duration: 12+ months

Responsibilities

• Review and tune current detection rules within the State SIEM.
• Perform Gap analysis of the current detection coverage.
• Develop detection rules/solutions to cover found Gaps.
• monitor threat intelligence sources for new use cases.
• Work with analysts to create and tune rules.
• Work with the State Threat Hunter to identify and remediate detection coverage gaps.
• Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
• Coordinate with engineering, and agency staff as needed to meet goals.

Skills Needed

Five years of experience in supporting large it environments and/or system deployments

5+ years of Strong scripting and automation skills (Python, Bash, PowerShell, or similar).

Understanding of Sigma, YARA, and other industry standard detection languages.

Familiarity with MITRE ATT&CK framework

CISSP, CISA, CISO or equivalent advanced security certification.

Additional relevant certifications (e.g., CEH, OSCP, GPEN).

Vendor certifications in detection engineering.

Proven experience with detection tuning/development..

Experience with dashboard creation and reporting.

Excellent communication and customer service skills for agency-facing engagement.

Experience in working in multi-tenancy environment

Experience in multi-agency or enterprise service projects.

Experience with the Palo Alto Cortex XSIAM platform.

Deep understanding of Windows/Linux artifacts.

Required Education/Certifications:

Bachelor's degree in an information technology or information security related field

Eight years of relevant work experience may be substituted in lieu of education

Job Tags

Similar Jobs