Guidehouse Inc
Overview
Security Engineer Lead within the Information Security Operations group supporting Security Operations and Incident Management/Response, SIEM engineering, Threat Hunting, Automation, Cyber Architecture, and Threat Intelligence.

What You Will Do
Enhance SIEM and tool monitoring, tuning, detection, and alerting across multiple domains to support cyber incident response capabilities and tooling, with the goal of identifying, analyzing, and mitigating security threats across the Guidehouse environment to protect Guidehouse and Client data within systems, networks, and cloud environments. Mentor and work with SOC analysts to increase knowledge and skill with detection techniques and other SecOps technologies. Participate in IT Security projects to enhance IT Security capabilities, improve monitoring coverage, and drive detection and threat hunting efforts, leading to an overall improvement of enterprise cybersecurity posture. Apply technical knowledge and experience to drive innovation and performance improvement while demonstrating critical thinking, problem solving, and sound logic when assessing problems and opportunities and generating solutions. This position reports to the IT Security Information Protection Associate Director.

Job Function
Solid understanding of platform, network, application, and cloud security fundamentals, threats, attack techniques, and mitigations
Knowledge of cybersecurity concepts and network/web protocols
Designs and configures monitoring and alerts using SIEM (Splunk), Azure Purview, Defender, CSPM, etc.
Experience with one or more of SIEMs, SOAR technologies, building/maintaining IR tools and processes, programming/scripting, threat hunting, log ingestion, and SIEM detection engineering/tuning
Effective written and verbal communication skills; clearly and concisely conveys complex messages to the IT Security Operations team and leadership; effectively presents facts and recommendations
Produces high-quality work leveraging templates, tools, and methodologies that align to applicable professional standards and best practices
Assists with issue resolution, risk mitigation, and contingency planning in alignment with IT Security risk mitigation plans
Uses critical thinking, analysis, expertise, and collaboration to develop technical solutions and solve problems
Mentors, trains, and guides IT Security technical staff across the organization, fostering a culture of technical excellence
Promotes development of new technical knowledge and skills within IT Security Operations
Takes ownership of tasks, prioritizes in a fast-paced environment, and escalates as appropriate
Stays current on cybersecurity events, trends, and issues relevant to IT Security
Maps issues to prescribed IT Security policies, procedures, and standards, applies them to situations, and identifies deviations

What You Will Need
Bachelor's degree plus 6 years of experience; OR 10+ years of experience in lieu of degree
United States Citizenship
Must be able to work East Coast US business hours
Experience supporting Microsoft Windows operating systems
Familiar with Microsoft Azure, M365, and AWS cloud environments
Knowledge of the MITRE ATT&CK framework
Experience working with Security Operation Centers, physically or virtually
Experience executing processes and procedures in compliance with required NIST, regulatory, and IT standards
Experience using a SIEM, such as Splunk, to analyze security anomalies and events, developing queries with SPL or KQL
Action-oriented and able to manage and meet aggressive timelines and deadlines
Excellent organizational and time management skills

What Would Be Nice To Have
Degree in a computer-related or cyber field
Working knowledge of NIST SP 800-171, NIST SP 800-61, and NIST SP 800-53
Experience in application security, security architecture, security code reviews, security/pen-testing, cloud security, cyber threat intelligence, incident response, or security infrastructure
Experience interpreting vulnerability scan data and CVEs, assessing and responding to vulnerabilities with a foundational understanding of risk management
Demonstrated knowledge of adversary TTPs (Tactics, Techniques, and Procedures)
Experience working with Executive Leadership
Active US government security clearance (DoE, DoD, etc.)
One or more certifications (e.g., CISSP, GIAC, OSCP, CEH, Security+; AWS and/or Azure Cloud)
Experience with firewalls/web application firewalls, implementing changes, and monitoring status
Experience conducting Incident Response and Security Investigations
Working knowledge of Active Directory, Exchange, SharePoint, and Teams
Preference for candidates located within 50 miles of a Guidehouse office

Compensation and Benefits
The annual salary range for this position is $102,000.00-$170,000.00. Compensation decisions depend on a wide range of factors, including skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits Include
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend

About Guidehouse
Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with applicable law. If you require accommodation during the recruitment process, please contact Guidehouse Recruiting at 1-571-633-1711 or RecruitingAccommodation@guidehouse.com. All information will be kept confidential and used to provide needed reasonable accommodation. All recruitment communications will come from Guidehouse email domains. Guidehouse does not charge a fee at any stage of the recruitment process. Do not provide banking information to third parties. If any person or organization demands money related to a job opportunity with Guidehouse, report it to Guidehouse’s Ethics Hotline. For validity of correspondence, contact recruiting@guidehouse.com. Guidehouse is not responsible for losses from dealings with unauthorized third parties. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse.