Cybersecurity Engineer - Detections

Washington, District of Columbia, United States - Remote

Applications have closed

Maveris

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission. We are Veteran-owned and proud to serve customers across the Federal Government and private sector.

View all jobs at Maveris

Maveris is an IT and cybersecurity services company committed to helping organizations create secure digital solutions to accelerate their mission. We are Veteran-owned and proud to serve customers across the Federal Government and private sector. We have an opening for a full-time, permanent Cybersecurity Engineer - Detections to join our talented, dynamic team in support of a large Federal Government customer.

As a Cybersecurity Engineer - Detections, you will play a critical role in safeguarding the Department of Veterans Affairs (VA) digital assets by developing and implementing security detections for our Cyber Incident Response team to monitor. Your primary focus will be to baseline, develop, implement, and tune security detections using a variety of technologies such as SIEM, EDR, XDR, etc.

Veterans are encouraged to apply.


Duties

  • Configure monitoring tools to detect threat actor techniques and/or behavioral indicators.
  • Craft custom search queries using Splunk, Microsoft Defender for Endpoint, Microsoft Sentinel.
  • Provide subject matter expertise to support security detections in one of the following areas: Cloud technologies, SaaS, Identity and Access management, Networking, Splunk, EDR, or Offensive Security and Purple-teaming.
  • Map security detections to the MITRE ATT&CK Framework.
  • Research new data source identification and configuration recommendations to facilitate detection of adversary activities.
  • Use machine learning and pattern analysis to improve detection of specific types of threats.
  • Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and detection-related updates to management and stakeholders.
  • Develop and operationalize advanced security analytics to detect and respond to sophisticated cyber threats in real-time.
  • Develop and implement detection feedback processes - e.g., tuning false positives, etc.
  • Ensure data quality meets completeness and consistency.
  • Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy.
  • Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate detection and incident response, including enrichment, containment, and remediation actions.
  • Support the operationalization on new security detections, including building reference documentation, investigation guidelines, and tuning considerations.
  • Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities.

Requirements

  • Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience)
  • 5+ years of experience supporting large-scale IT related projects
  • 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
  • Candidates must possess a professional level certification in one of the following subject areas: Cloud (ex: GLCD), Incident Response/Forensics (ex: GCIH, GCFE), IDAM (ex: Microsoft Identity and Access Administrator Associate), SIEM (Splunk Power User), Offensive Security (ex: OSCP, GPEN)
  • A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment
  • Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
  • Experience with enterprise ticketing systems like ServiceNow
  • Excellent analytical and problem-solving skills
  • Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight
  • Ability to learn and function in multiple capacities and learn quickly
  • Strong verbal and written communication skills

Benefits

Maveris attracts and retains talent of the highest caliber by offering opportunities to work in exciting and challenging environments surrounded by bright minds. Our employees are our most prized asset and are rewarded with highly competitive compensation and a top-tier benefits package, including:

  • 401(k) with company match
  • Dental Insurance
  • Health Insurance
  • Vision Insurance
  • Life Insurance
  • Paid Time Off


About Maveris

Maveris offers exceptional, mission-focused, solutions to organizations facing highly complex IT, digital, and cybersecurity challenges. Our success is achieved by maintaining an environment of trust where people are encouraged to reach their fullest potential. Every candidate that applies to Maveris brings something unique to the table, and because our team is diverse, we consistently meet our goals and exceed client expectations. If you are a highly-motivated person with a willingness to learn, we invite you to apply today to join our team!

To learn more about employee benefits visit www.maveris.com.
For company updates and the latest job postings check us out on LinkedIn.
If you'd like to read about some of our research and projects head over to Maveris Labs.
Want a more behind the scenes view? Check out our blog Maveris Insights to learn more about the team behind the solutions.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  48  12  0

Tags: Analytics Automation Cloud Computer Science EDR Forensics GCFE GCIH GPEN IAM IDS Incident response IPS Machine Learning MITRE ATT&CK Monitoring Offensive security OSCP SaaS SIEM SOAR SOC Splunk Threat intelligence XDR

Perks/benefits: 401(k) matching Career development Competitive pay Health care Team events

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.