AGR
Overview
Location: Arlington, VA; Full-time/On-site.
Senior Cyber Security Deception Engineer/Threat Hunter role within the Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program. The program provides cyber and technology security expertise to enable secure and efficient business processes across the DOS Cyber & Technology Security (CTS) Directorate. The DSCM team focuses on protecting a global cyber infrastructure and proactively identifying and responding to cyber risks and threats.
Responsibilities
Work closely with cross-functional teams, including Security Operations, Incident Response, Threat Intelligence, and Threat Hunting, to maintain a proactive and robust security posture.
Perform advanced network threat hunting to detect malicious or suspicious activity on on-premises and cloud-based networks.
Respond to security events from the CIRT, provide comprehensive findings, and recommend remediation steps.
Perform advanced packet-level traffic analysis and reconstruct network traffic to identify anomalies, trends, and patterns.
Conduct forensic analysis of suspected systems (on- and off-premises network devices, storage media) impacted by malicious activity.
Implement and use cybersecurity frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain).
Analyze systems to validate established security requirements and recommend additional safeguards.
Interface with external entities, including law enforcement, intelligence, and other government organizations, as needed.
Qualifications
Bachelor's degree and 9 years of experience, or Master's degree and 7 years of experience. An additional 4 years of experience may be considered in lieu of a degree.
One of the following certifications: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP.
Proven ability to develop and recommend corrective actions.
Expertise in integrating new architectural analyses of cybersecurity features.
Experience interfacing with external entities, including law enforcement, intelligence, and other government organizations and agencies.
Experience in threat hunting or network/cloud forensics.
U.S. citizenship is required.
Active Top Secret security clearance required, with the ability to obtain a final TS/SCI clearance.
Preferred
Experience performing static and dynamic malware analysis.
Experience using sandboxes and other simulated networked environments for analysis.
Ability to recommend effective countermeasures to malware and other malicious code and applications affecting customer communications systems.
Experience supporting the Department of State cyber security mission.
Experience using Databricks.
Experience using Artificial Intelligence (AI) and large language models (LLMs).
Ability to create, troubleshoot, configure, and operate complex scripting solutions and output results in multiple formats (e.g., HTML, XML) for different audiences (analysts, management, etc.).
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Data Infrastructure and Analytics