Threat Level: green Handler on Duty: Russ McRee

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Assessment Engineer
Company MITRE
Location Huntsville, AL
Preferred GIAC Certifications GCIH, GCFA, GNFA, GPEN
Travel 5%
Salary Not provided
URL https://mitre.wd5.myworkdayjobs.com/en-US/MITRE/job/Huntsville-AL/Cyber-Assessment-Engineer_00055422-1
Contact Name Justin Baker
Contact Email jwbaker/at/mitre.org
Expires 2020-11-25

Job Description

Lead a team of cyber engineers to perform cyber assessments in support of DoD organizations to ensure a robust cyber defense architecture on relevant systems. The individual will be responsible for mission prep, execution, and reporting. Additionally, the candidate will assist in developing, improving and/or evaluating tools, techniques, and procedures (TTPs) for detecting and responding to modern, advanced persistent cyber threats.


Responsibilities include:

Develop and maintain relationships with organizations under assessment during preparation, execution, and wrap-up of assessment activities.

Scope assessments in terms of technologies, technical approach, team size and skill mix, and technical implementation of assessment plans.

Conduct data collection, analysis, triage, and reporting as appropriate. Examples of subject data and analysis are: host logs, netflow, PCAP, syslog/snmp logs, memory captures, and other similar data

Develop findings and recommendations and final report products and deliver to sponsor.

Conduct technology R&D and prototype/proof of concept development involving: virtualization, cloud, devops/orchestration, analytic development, visualization development, and other innovation to improve threat detection and response.

Basic Qualifications:

BS and 5 years related experience
Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information or applicants who are eligible for security clearances



Required Qualifications:

Experience in one or more of the following areas: incident response, cyber threat hunting, cyber threat intelligence, cybersecurity engineering (resilient systems security engineering), and/or cybersecurity analytics.
Strong knowledge of advanced cyber threats and adversary methodologies.
Must possess and maintain a Secret level security clearance



Preferred Qualifications:

Ability to document and/or present ideas and findings such that others can easily learn from or make decisions based upon the material.
Ability to develop new ideas and techniques that advance the state of the practice for cyber defensive operations.
Familiarity with vulnerability assessment, penetration testing, and/or detection/hunting toolsets, such as: Redline, Volexity, Surge/Volcano, Volatility, Beats, ELK, Splunk, Wireshark, TCPdump, tshark
Related certification(s) such as: CISSP, CEH, OSCP, GCIH, GCFA, GNFA, GPEN
Advanced degree in Computer Science and/or Electrical Engineering
Obtain a Top Secret level security clearance