Threat Detection Expert jobs in United States
This job has closed.

Scalence L.L.C. · 2 days ago

Threat Detection Expert

Scalence L.L.C. is a commercial company focused on security solutions, and they are seeking a Threat Detection Expert to enhance their insider threat monitoring capabilities. The role involves developing detection logic, improving incident response, and leading the deployment of new alerting frameworks.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Work with the customer to establish a mature insider threat monitoring capability across multiple Windows, Linux, and container environments
This person will be leading the development of new alerting frameworks
Execute a dual mandate over a designated time period to:
Develop detection logic in the customer SIEM solution
Architect and deploy detections from the ground up
Support the migration of logic, queries, and visualizations into a new SIEM solution
Work with the customer to improve incident response efficiencies
Support the Tier 1 Security Operations Team with investigations and responses
Improve the customer’s ability for early detection and mitigation of risks

Qualification

Active TS/SCI clearance, SIEM solutions expertise, log telemetry structure, cloud service providers, architecting frameworks, query language proficiency, dashboard creation, incident response support, user behavior analysis, monitoring systems experience

Required

This position requires an active TS/SCI clearance with Full Scope polygraph
Specialist in architecting and deploying new frameworks from the ground up
Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related discipline and 10+ years of related experience. Additional experience may be substituted for a degree
Must have experience and expertise with SIEM solutions such as Splunk, Kibana, etc.
Must have experience with log telemetry structure and log logic in Windows, Linux, and Containerized environments
Experience with migrating schema mappings from one SIEM solution to another
The ability to demonstrate query language proficiencies
Must have experience with cloud service providers, e.g., Google, AWS, Azure, etc.
Have experience with the deployment and configuration of data collections from various system components that include operating systems, networking devices, and containerization platforms
Experience creating dashboards, analytics, and alerts within SIEM tools
Experience working with monitoring systems supporting auditing, incident response, and system health
Experience with the OSINT framework and related tools
Experience working in an air-gapped environment
Ability to analyze user behavior and create alerts from scratch
Comfortable with both Splunk and ELK

Company

Scalence L.L.C.

In today’s dynamic and competitive market, success hinges on mastering three key areas: Data Intelligence, Business Resilience, and Digital Experience.

Funding

Current Stage
Late Stage
Company data provided by crunchbase