Apply on Employer Site

Peraton · 1 month ago

Senior Cyber Security Deception Engineer/Threat Hunter

Arlington, VA

Full-time

Onsite

Senior Level

$146K/yr - $234K/yr

7+ years exp

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. They are seeking a Senior Cyber Security Deception Engineer/Threat Hunter to join their Federal Strategic Cyber Mission programs, focusing on advanced threat hunting and security event response to protect national interests.

Information TechnologyRobotics

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Work closely with cross-functional teams, including Security Operations, Incident Response, Threat Intelligence, and Threat Hunting to ensure a proactive and robust security posture

Perform advanced network threat hunting to detect malicious or suspicious behavior on Department on-premise and cloud-based networks

Respond to security events received from CIRT, provide comprehensive findings and recommend remediation steps

Perform advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns

Perform forensic analysis of suspected systems (e.g. on and off premise network devices, and storage media) impacted by malicious activity

Implement and use cyber security frameworks (e.g. MITRE-ATT&CK, Kill Chain, etc.)

Has proven expertise in performing analyses to validate established security requirements and recommended additional security requirements and safeguards

May interface with external entities including law enforcement, intelligence and other government organizations and agencies

Qualification

Threat HuntingNetwork ForensicsCyber Security FrameworksPacket AnalysisCyber Security CertificationsCorrective Actions DevelopmentExternal Entity InterfaceScripting SolutionsArtificial IntelligenceDatabricksCross-functional Collaboration

Required

Bachelor's degree and 9 years of experience, or 7 years of experience with a Master's. An additional 4 years of experience will be considered in lieu of degree

Must possess or be able to obtain at least one of the following certifications before start date. Continued certification required as a condition of employment: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP

Proven ability to develop and recommend corrective actions

Expertise, knowledge, and experience integrating new architectural analysis of cyber security features

Comfortable interfacing with external entities including law enforcement, intelligence and other government organizations and agencies

Experience in threat hunting or network/cloud forensics

U.S. citizenship is required

Active Top Secret security clearance required

The ability to obtain a final TS/SCI

Preferred

Experience using Databricks

Experience using Artificial intelligence (AI) and large language models (LLMs)

Ability to create, troubleshoot, configure and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g. HTML, XML, etc.) and to re-purpose the results for reports targeting different technical levels (e.g. other analysts, management, etc.)