Cyber Threat Detection Engineer

United States

Peraton


Responsibilities


We are seeking a Cyber Threat Detection Engineer to develop an automated threat detection process that is customizable, flexible, and repeatable, and produces high-quality alerts for security teams. This role involves designing and implementing processes to accurately detect threats in complex environments, including mainframe, on-premise mid-range, and AWS Cloud environments.


What you will do:

  • Threat Analysis and Detection:
    • Develop and implement detection rules and signatures.
    • Perform threat hunting and analysis to identify potential security incidents.
    • Utilize SIEM tools to monitor and analyze security alerts.
  • Automation and Tool Development:
    • Build automation for repetitive tasks using scripting languages.
    • Develop custom tools and dashboards to enhance detection capabilities.
  • Incident Response Support:
    • Collaborate with incident response teams to investigate and mitigate security incidents.
    • Provide detailed forensic analysis of network and system activities.
  • Security Posture Improvement:
    • Evaluate and enhance the configurations of security tools.
    • Recommend and implement new security technologies and solutions.
  • Documentation and Reporting:
    • Prepare technical reports and present findings to stakeholders.
    • Maintain up-to-date documentation of security processes and procedures.

Qualifications

Required Qualifications:

  • 2 years of experience with a BS/BA. An additional 4 years of experience may be accepted in lieu of the degree.
  • Experience in creating and tuning alerting rules from a SIEM system and other devices in response to evolving threats.
  • Proficiency in researching TTPs and developing high-fidelity detections in various tools/languages, including but not limited to ArcSight, OpenSearch, Elastic Stack, Suricata, Snort, Zeek, and Bro.
  • Experience in log analysis from multiple sources (e.g., firewall, IDS, endpoints) to identify and investigate security events and anomalies.
  • Expertise in packet-level analysis (e.g., Wireshark, tcpdump, tshark) and a solid understanding of TCP/IP protocols (OSI layers 3-7) for investigating network traffic.
  • Proficiency in scripting languages (Python, PowerShell, Bash, etc.) for parsing machine-generated data, interacting with REST APIs, and automating repetitive tasks.
  • Understanding of operating system internals for Windows and/or Linux.
  • Experience with AWS cloud infrastructure and the security implications of hybrid environments.
  • Knowledge of attacker tactics, techniques, and procedures.
  • Familiarity with vulnerability research and exploit development.
  • Understanding of malware analysis and memory forensics.
  • Must be a US Citizen.
  • Must be able to obtain/maintain the required agency clearance.


Preferred Qualifications:

  • Active Public Trust Clearance.
  • Previous experience with the Federal Government.

Benefits:


At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.


Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.