Incident Response Security Engineer

Washington, DC | Contract to Hire

Post Date: 07/10/2018 Job ID: 226424 Industry: IT

FireEye Incident Response Security Engineer - Washington DC
  • Provide support to maintain FireEye ecosystem, including providing patching and administering configs within a FireEye AX, CM, EX, FX, HX, NX environment. This includes:
    • Testing FireEye HX Agent configs prior to upgrades
    • Testing FireEye Appliances and validating deployed signatures
  • Provide support for RHEL patching via Satellite – validate config and patch status
  • Provide support in maintaining an incident response lab environment that includes:
    • PFSense
    • ESXi VMs
    • Hybrid Analysis
    • Kali Linux
    • Cuckoo Sandbox (deprecated by Hybrid)
    • Security Onion/Bro
    • Nighthawk/VolUtility
    • Storage - NetApp
  • Python or other scripting language experience
  • Support/assist the client with improvement to real-time monitoring and triage capabilities of incidents received at the operations center.
  • Work collectively with other team members on proposing configuration changes to FireEye environment.
  • Support efforts on threat hunting, network, host, and malware analysis, sensor tuning and custom signature creation
  • Lead the application of cyber intelligence to improve security operations
  • Measure and manage individual and team performance
  • Ensure adequate metrics and documentation of team operations for leadership and other constituents.
JOB REQUIREMENTS AND QUALIFICATIONS

Education
  • BS/BA degree from accredited university
Experience
  • Five or more years of work experience
  • Three or more years of cyber security work experience
  • 2+ years of Splunk Infrastructure
  • Prior leadership experience with direct reports in a cyber environment
  • Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
  • Experience and understanding of host-based/endpoint protection systems
  • Cyber intelligence, disk forensics and memory forensics experience
  • Server administration experience
  • Enterprise forensic tool(s) experience
  • One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc)