Threat Detection Expert jobs in United States

Scalence L.L.C. · 2 days ago

Threat Detection Expert

Scalence L.L.C. is a commercial company seeking a Threat Detection Expert to enhance their security team. The role involves developing solutions for insider threat monitoring, creating alerting frameworks, and improving incident response efficiencies.

Information Technology & Services
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Work with the customer to establish a mature insider threat monitoring capability across multiple Windows, Linux, and container environments
This person will be leading the development of new alerting frameworks
Execute a dual mandate over a designated time period to:
Develop detection logic in the customer SIEM solution
Architect and deploy detections from the ground up
Support the migration of logic, queries, and visualizations into a new SIEM solution
Work with the customer to improve incident response efficiencies
Support the Tier 1 Security Operations Team with investigations and responses
Improve the customer’s ability for early detection and mitigation of risks

Qualification

Active TS/SCI clearance · SIEM solutions expertise · Architecting frameworks · Log telemetry structure · Cloud service providers · Query language proficiency · Dashboard creation · User behavior analysis · Monitoring systems experience · OSINT framework tools

Required

This position requires an active TS/SCI clearance with Full Scope polygraph
Specialist in architecting and deploying new frameworks from the ground up
Bachelor's degree in computer science, Engineering, Information Assurance, or a related discipline and 10+ years of related experience. Additional experience may be substituted for a degree
Must have experience and expertise with SIEM solutions such as Splunk, Kibana, etc.
Must have experience with log telemetry structure and log logic in Windows, Linux, and Containerized environments
Experience with migrating schema mappings from one SIEM solution to another
The ability to demonstrate query language proficiencies
Must have experience with cloud service providers, e.g., Google, AWS, Azure, etc.
Have experience with the deployment and configuration of data collections from various system components that include operating systems, networking devices, and containerization platforms
Experience creating dashboards, analytics, and alerts within SIEM tools
Experience working with monitoring systems supporting auditing, incident response, and system health
Experience with the OSINT framework and related tools

Preferred

Working in an air-gapped environment
Ability to analyze user behavior and create alerts from scratch
Comfortable with both Splunk and ELK

Company

Scalence L.L.C.

In today’s dynamic and competitive market, success hinges on mastering three key areas: Data Intelligence, Business Resilience, and Digital Experience.

Funding

Current Stage
Late Stage
Company data provided by crunchbase