AGR
We are currently seeking an experienced
Senior Cyber Security Deception Engineer/Threat Hunter
to become part of the Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. Location:
Arlington, VA; Full-time/On-site. Program Overview The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges. About the Role Work closely with cross-functional teams, including Security Operations, Incident Response, Threat Intelligence, and Threat Hunting to ensure a proactive and robust security posture. Perform advanced network threat hunting to detect malicious or suspicious behavior on Department on-premises and cloud-based networks. Respond to security events received from CIRT, provide comprehensive findings and recommend remediation steps. Perform advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns. Perform forensic analysis of suspected systems (e.g. on and off premise network devices, and storage media) impacted by malicious activity. Implement and use cyber security frameworks (e.g. MITRE-ATT&CK, Kill Chain, etc.). Has proven expertise in performing analyses to validate established security requirements and recommended additional security requirements and safeguards. May interface with external entities including law enforcement, intelligence and other government organizations and agencies. Qualifications: A bachelor's degree and 9 years of experience, or 7 years of experience with a Master's. An additional 4 years of experience may be considered in lieu of degree. Possess one of the following certifications: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP Proven ability to develop and recommend corrective actions. Expertise, knowledge, and experience integrating new architectural analysis of cyber security features. Comfortable interfacing with external entities including law enforcement, intelligence and other government organizations and agencies. Experience in threat hunting or network/cloud forensics. U.S. citizenship is required. Active Top Secret security clearance required. The ability to obtain a final TS/SCI. Preferred: Demonstrated experience performing static and dynamic analysis techniques. Experience using sandbox and other simulated networked environments for analysis. Ability to recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems. Experience supporting the Department of State cyber security mission. Experience using Databricks. Experience using Artificial intelligence (AI) and large language models (LLMs). Ability to create, troubleshoot, configure and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g. HTML, XML, etc.) and to re-purpose the results for reports targeting different technical levels (e.g. other analysts, management, etc.) For any questions regarding this job announcement or the status of your application, please contact our Director of Recruiting, Mr. Brian Jennings, via email at
bjennings@.
Senior Cyber Security Deception Engineer/Threat Hunter
to become part of the Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. Location:
Arlington, VA; Full-time/On-site. Program Overview The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges. About the Role Work closely with cross-functional teams, including Security Operations, Incident Response, Threat Intelligence, and Threat Hunting to ensure a proactive and robust security posture. Perform advanced network threat hunting to detect malicious or suspicious behavior on Department on-premises and cloud-based networks. Respond to security events received from CIRT, provide comprehensive findings and recommend remediation steps. Perform advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns. Perform forensic analysis of suspected systems (e.g. on and off premise network devices, and storage media) impacted by malicious activity. Implement and use cyber security frameworks (e.g. MITRE-ATT&CK, Kill Chain, etc.). Has proven expertise in performing analyses to validate established security requirements and recommended additional security requirements and safeguards. May interface with external entities including law enforcement, intelligence and other government organizations and agencies. Qualifications: A bachelor's degree and 9 years of experience, or 7 years of experience with a Master's. An additional 4 years of experience may be considered in lieu of degree. Possess one of the following certifications: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP Proven ability to develop and recommend corrective actions. Expertise, knowledge, and experience integrating new architectural analysis of cyber security features. Comfortable interfacing with external entities including law enforcement, intelligence and other government organizations and agencies. Experience in threat hunting or network/cloud forensics. U.S. citizenship is required. Active Top Secret security clearance required. The ability to obtain a final TS/SCI. Preferred: Demonstrated experience performing static and dynamic analysis techniques. Experience using sandbox and other simulated networked environments for analysis. Ability to recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems. Experience supporting the Department of State cyber security mission. Experience using Databricks. Experience using Artificial intelligence (AI) and large language models (LLMs). Ability to create, troubleshoot, configure and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g. HTML, XML, etc.) and to re-purpose the results for reports targeting different technical levels (e.g. other analysts, management, etc.) For any questions regarding this job announcement or the status of your application, please contact our Director of Recruiting, Mr. Brian Jennings, via email at
bjennings@.