Detection Engineering SME with Security Clearance
Sentar Inc
2024-11-05 15:40:23
Quantico, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Sentar is dedicated to developing the critical talent that the connected world demands to create solutions that address the convergence of cybersecurity, intelligence, analytics, and systems engineering. We invite you to join our small business team, where you can build, innovate, and secure your career. Sentar is seeking a Detection Engineering SME in Quantico, VA!

Role Description:
Sentar is seeking a Detection Engineering SME to support an active government contract providing Cyber Security Service Provider (CSSP) functions. This position supports the government's mission to disrupt, deny, and degrade network adversaries' ability to disrupt the IT services provided to network users. The Contractor shall provide 8x5 support to produce detection use cases: discrete packages of signatures, correlation rules, and execution instructions for Incident Detection Monitoring personnel. Detection use cases address specific areas of concern and are based on the MITRE ATT&CK framework; they give the Government a mechanism to prioritize detection resources and to measure detection resource capacity and performance. The Contractor shall use all available logs and alerts from host operating systems, network intrusion prevention systems, endpoint detection and response tools, anti-virus and host intrusion prevention systems, and other sources to give the Government the ability to detect malicious or unauthorized activity on its network. The Contractor will leverage Snort, regex, and YARA (or similar methods) to apply the logic needed to detect and alert on malicious activity at various levels within the environment. Tools used may include Tanium, Microsoft Defender for Endpoint, Elastic/Kibana, and the tools included in the DoD's Joint Regional Security Stack (JRSS).
When alerts are determined to be false positives, the Contractor shall modify the related detection use case, rule, or signature to eliminate future false positive results. These efforts support the analysis and correlation of 800,000,000 events per day (on average), which resulted in approximately 2,000 incidents in calendar year 2021. Personnel shall work eight-hour shifts between 0700 and 1700 Eastern Time. The DoD Cyberspace Work Role for this task is 511 - Cyber Defense Analyst.

Qualifications:
- Bachelor's degree in Computer Science or an IT-related field, or at least five years of demonstrated experience supporting DCO and/or network systems and technology.
- At least five years of experience developing and refining signatures, plays, policies, configurations, scripts, and indicators used to identify malicious or unauthorized activity via network- and host-based detection on an enterprise network.
- Experience leading operations and maintenance support for an enterprise-level (minimum 50k users) network.
- DoDD 8570 IAT III certification: CASP+, CCNP Security, CISA, CISSP, GCED, GCIH, or CCSP.
- DoDD 8570 CSSP Analyst certification: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+.
- At least a few years of experience in a SOC working with SIEM/SOAR and analyzing incidents created by both custom and vendor signatures.
- Experience writing signatures (YARA/Snort) for network and host IDS/IPS.
- Knowledge of Windows OS, network traffic, and firewall operation.
- Microsoft cloud security training is highly recommended.

Clearance Level: TS/SCI
Education: Bachelor's degree in Computer Science or an IT-related field, or at least five years of demonstrated experience supporting DCO and/or network systems and technology.
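The posting describes a detection use case as a signature plus correlation logic and execution instructions, mapped to MITRE ATT&CK, that is tuned whenever an alert turns out to be a false positive. The following Python sketch is an added illustration of that workflow; it is not part of the posting and is not Sentar's or the contract's tooling. The process-creation events, the encoded-PowerShell regex, the T1059.001 mapping, and the hypothetical management agent mgmtagent.exe used as the false-positive source are all constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed process-creation events (illustrative only, not real telemetry).
SAMPLE_EVENTS = [
    {"host": "ws01", "user": "jdoe", "parent": "outlook.exe",
     "cmd": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0A..."},
    {"host": "ws02", "user": "SYSTEM", "parent": "mgmtagent.exe",
     "cmd": "powershell.exe -NonInteractive -EncodedCommand RwBlAHQALQBTAGUA..."},
    {"host": "ws03", "user": "asmith", "parent": "explorer.exe",
     "cmd": "powershell.exe -File C:\\scripts\\backup.ps1"},
    {"host": "ws04", "user": "bwhite", "parent": "winword.exe",
     "cmd": "cmd.exe /c powershell -e aQBlAHgAIAAoAG4AZQB3AC0A..."},
]


@dataclass
class DetectionUseCase:
    """A detection use case: signature + ATT&CK mapping + analyst instructions,
    plus the exclusions accumulated through false-positive tuning."""
    name: str
    attack_technique: str          # MITRE ATT&CK technique ID
    signature: re.Pattern          # regex applied to the command line
    instructions: str              # what the monitoring analyst does on a hit
    exclusions: list = field(default_factory=list)  # list of (field, compiled regex)

    def matches(self, event: dict) -> bool:
        """True when the signature fires and no exclusion suppresses it."""
        if not self.signature.search(event["cmd"]):
            return False
        return not any(pat.search(event.get(fld, "")) for fld, pat in self.exclusions)

    def run(self, events: list) -> list:
        """Return the events that would become alerts."""
        return [e for e in events if self.matches(e)]

    def suppress(self, fld: str, pattern: str) -> None:
        """Tune the use case: add an exclusion on a field so a known
        benign source no longer alerts."""
        self.exclusions.append((fld, re.compile(pattern, re.IGNORECASE)))


def build_use_case() -> DetectionUseCase:
    # Encoded PowerShell command line, mapped to ATT&CK T1059.001.
    # The alternation covers the abbreviations PowerShell accepts for
    # -EncodedCommand; the trailing \b keeps "-e" from matching "-ExecutionPolicy".
    return DetectionUseCase(
        name="Encoded PowerShell command line",
        attack_technique="T1059.001",
        signature=re.compile(
            r"powershell(\.exe)?\b.*\s-(e|ec|enc|encodedcommand)\b", re.IGNORECASE),
        instructions="Decode the base64 argument, record parent process and user, "
                     "escalate if the parent is an Office or mail client.",
    )


def baseline_hits(events=SAMPLE_EVENTS) -> list:
    """Alerts produced by the untuned use case."""
    return build_use_case().run(events)


def tuned_hits(events=SAMPLE_EVENTS) -> list:
    """Alerts after the analyst confirmed that mgmtagent.exe (a hypothetical,
    assumed-benign management agent) legitimately launches encoded PowerShell
    and tuned the use case with a parent-process exclusion."""
    uc = build_use_case()
    uc.suppress("parent", r"^mgmtagent\.exe$")
    return uc.run(events)


if __name__ == "__main__":
    for label, hits in (("before tuning", baseline_hits()), ("after tuning", tuned_hits())):
        print(f"{label}: {[e['host'] for e in hits]}")
```

The exclusion is scoped to the parent process rather than to the whole host or user, so the rule keeps firing for the same encoded-command pattern when it arrives from an Office client on that machine; narrowing the suppression to the attribute that actually explained the false positive is what keeps tuning from silently blinding the use case.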
Benefits at Sentar:
In addition to a great culture, Sentar not only fosters an inclusive work environment but also offers an extensive benefits package designed to cater to the well-being of its employees and their families.
- Voluntary Medical, Dental, and Vision, with Health Savings or Flexible Spending Plan options
- Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
- Group Term Life, Short-Term and Long-Term Disability provided by Sentar to all qualifying employees
- Generous 401(k) match
- Competitive PTO plan that graduates quickly with years of service
- Other leave programs: holiday schedule along with bereavement, jury, and military duty
- Mental health awareness programs
- Tuition reimbursement
- Professional development reimbursement
- Recognition and Awards programs

If you are not ready to apply for this position, submit your resume here to join our talent community. We'll keep you updated occasionally on new job opportunities.

Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities. Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities. Follow these links to learn more about your rights: EEO Is the Law Poster; EEO Is Law Supplement; and Pay Transparency. We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation applying for a job or at any point in the employment process, contact the Recruiting Manager at . Please indicate the specifics of the assistance needed. Thank you for considering Sentar in your employment search. Build, Innovate, Secure Your Career at Sentar.