Resource Management Concepts, Inc.
Detection Engineer Analyst
Resource Management Concepts, Inc., Quantico, Virginia, United States, 22134
Overview
Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America. RMC is hiring a Detection Engineer Analyst to support an active government contract in Quantico, Virginia, providing defensive cyberspace operations and Cyber Security Service Provider (CSSP) functions. This position will support the government's mission to deny, disrupt, and degrade adversaries’ abilities and attempts to disrupt, exploit and attack the information technology (IT) services provided to network users.
Responsibilities
Develop detection use cases based on current threats, the MITRE ATT&CK framework, and government direction
Review incident reporting to tune related detection use cases as necessary
Review the Security Information and Event Management (SIEM)/Security Orchestration, Automation, and Response (SOAR) incident queue for unnecessary events and alerts and implement corrective actions
Identify gaps in logging and detection capabilities across the attack surface
Assist in implementing new log ingestion and verify proper parsing and normalization of data in SIEM/SOAR
Create high-fidelity correlation rules, signatures, filters, and automations and maintain a low false-positive rate
Requirements
Required
Active TS/SCI (DoD TOP SECRET clearance with Sensitive Compartmented Information access) eligibility is required. Applicant selected can begin supporting this position with an Active DoD SECRET clearance. Applicant selected will be subject to security investigation(s) and must maintain eligibility requirements for access to classified information
College degree in a technical or managerial related discipline AND Five (5) years of practical experience in Cybersecurity, Engineering, Information Technology, and/or Defensive Cyberspace Operations; OR H.S. Diploma or equivalency certificate AND Seven (7) years of practical experience in the same
DoD 8570 IAT Level III certification (or be able to obtain within 180 days)
DoD 8570 CSSP Analyst certification (or be able to obtain within 180 days)
Experience writing signatures (e.g., KQL/Snort/ePO/Yara) for network and host IDS/IPS
Desired
Microsoft Cloud Security training is highly recommended
Microsoft Azure and Microsoft Defender XDR
Microsoft Sentinel Ninja Training
Microsoft Defender For Endpoint Ninja Training
Microsoft Defender For Identity Ninja Training
Microsoft SC-XXX Training (certifications)
Schedule
M-F, 5 X 8, between 7:00am EST and 5:00pm EST, normally not to exceed 40 hours per week. This position may require extended or non-standard hours occasionally to support major cyber incidents. This position is considered essential and may be required to report during hazardous weather, power outages, fuel shortages, pandemics, and other emergencies.
Benefits
At RMC, we are committed to your career growth. We differentiate ourselves through investment in our employees, including training, certification, education, and development opportunities. We offer a great place to work with a small company feel and provide experience, tuition assistance, and certifications to advance your career. This includes Monday to Friday full-time day shift work, potential relocation assistance, a competitive paid vacation package with 11 paid federal holidays, high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package. Salary at RMC is determined by location, education, knowledge, skills, competencies, experience, and contract-specific requirements. The current salary range for this position is $120,000 to $140,000 per year.
Job Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Technology, Information and Internet
Note: This description reflects the requirements and responsibilities as provided and has been reformatted for clarity and consistency.