Threat Management Specialist - Tier2 (shift work) - no C2C candidates please - jobs in United States

Tier One Technologies, LLC · 1 day ago

Threat Management Specialist - Tier2 (shift work) - no C2C candidates please

Tier One Technologies is looking for a Tier2 Threat Management Specialist to work with our direct US Government client. The role involves identifying cybersecurity threats, analyzing network traffic, and implementing detection mechanisms, while also leveraging AI/ML-based tools for enhanced threat intelligence.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Identify cybersecurity threats and gaps that require mitigating controls
Analyze network traffic to detect exploit attempts, intrusions, and anomalous behavior
Recommend and implement detection mechanisms for exploit- and intrusion-related activity
Provide subject matter expertise in network-based attacks, traffic analysis, and intrusion methodologies
Escalate incidents requiring deeper investigation to senior members of the Threat Management team
Execute operational processes in support of security incident response efforts
Leverage AI/ML-based tools to detect anomalies, automate incident triage, and enhance threat intelligence
Perform and analyze threat intelligence to assess risk and adapt defenses using ML-enhanced tools
Manage email security using Proofpoint; monitor threats and respond rapidly to attacks
Configure and maintain Splunk for log analysis, alert creation, and security incident investigation
Configure Cisco Firepower for network monitoring, analyze traffic patterns, and enforce security controls
Deploy and manage SentinelOne agents, monitor alerts, and conduct comprehensive security assessments
Monitor, review, and respond to security alerts and incidents across multiple platforms, including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC)
Conduct threat detection and analysis, investigate suspicious activity, coordinate incident response, and implement remediation actions
Tune security policies, maintain visibility across cloud and endpoint environments, and support continuous security posture improvement
Stay current with emerging cybersecurity threats, threat actors, and AI/ML research
Identify and support security automation use cases, including AI/ML-driven SOC enhancements
Collaborate across Operations to deliver SOC capability improvements through automation and AI

Qualification

IT Security experience, Network traffic analysis, Cybersecurity automation, AI/ML proficiency, Cloud security, IDS/IPS technologies, Data analysis, Control Frameworks knowledge, Boolean Logic, TCP/IP Fundamentals, Risk Management techniques, Communication skills

Required

Bachelor's or Master's Degree in Computer Science, Information Systems, or other related fields
8+ years of IT Security experience
2+ years of network traffic analysis experience
Familiarity with AI/ML projects
CERTIFICATIONS (One or more required): GIAC Certified Enterprise Defender (GCED) or GIAC Certified Security Essentials (GSEC) or CISSP, or SSCP
Strong working knowledge of Boolean Logic, TCP/IP Fundamentals, Network Level Exploits and Threat Management
Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
Strong understanding of common IDS/IPS architectures and implementations
Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
Prior experience with cloud security (AWS, Azure, GCP)
Hands-on experience with cybersecurity automation (e.g., SOAR platforms)
Proficiency in using machine learning frameworks to develop, train, and deploy models for anomaly detection, threat intelligence, and behavioral analysis in cybersecurity contexts
Skills in data analysis and feature engineering, with the ability to preprocess and transform large datasets from various sources (e.g., logs, network traffic) to extract relevant features for machine learning models aimed at identifying security incidents and vulnerabilities
Familiarity with the application of AI/ML techniques in cybersecurity, including but not limited to automated threat detection, incident response automation, and predictive analytics. Experience in evaluating the effectiveness of AI/ML solutions in a SOC environment is a plus
Understanding and experience identifying and implementing automation use cases
Knowledge of Control Frameworks and Risk Management techniques
Excellent oral and written communication skills
Must be able to obtain a Position of Public Trust Clearance
All candidates must be US Citizens or have permanent resident status (Green Card)
Candidate must have lived in the United States for the past 5 years
Cannot have more than 6 months of travel outside the United States within the last 5 years; military service is excluded

Company

Tier One Technologies, LLC

Tier One Technologies is a national technical consulting and services firm.
