Threat Hunt & Advanced SOC Engineer

Job Locations US-Remote / Telework | US-TX-Fort Worth | US-MO-Kansas City | US-CO-Denver | US-DC-Washington
Job ID 2021-4080
Type
Regular Full-Time

Position Description

Valiant Solutions is seeking a Threat Hunt and Advanced SOC Engineer to join our rapidly growing team. Valiant Solutions is a Cybersecurity company delivering cutting-edge security solutions to our Government clients.  This is your chance to work with a wide range of technologies for a company that cares about its employees- Valiant has been named one of the Best Places to Work in the DC area SEVEN years in a row!   If you’ve got that ‘can-do’ attitude and possess the skills below, we’d love to talk to you about this exciting opportunity.

This position serves as a Threat Hunt and Advanced SOC Engineer in support of a major federal client. In this role the successful candidate will work closely with a Data Scientist to develop custom visualizations and alerting to support critical government systems. The successful candidate will also plan and execute threat hunt operations leveraging logging data and tooling integrated with these mission-critical systems. This hybrid role involves the analyst working with existing data to identify threats and threat attack vectors, and also working to implement data visualizations and threat detection logic to increase our client’s security posture.

This is an exciting role for someone who is passionate about new technologies, and continuously finding new ways to keep up with the adversary. In this position you will directly work with our client’s, organizing routine briefings, gathering requirements, and finding new ways to improve monitoring and detection. This role is equally about monitoring and hunting for threats AND tuning detection, alerting, and visualization mechanisms in support of said monitoring.

Requires US Citizenship with the ability to pass a federal security background investigation to obtain a security badge.

 

This position allows for 100% remote work.  Remote work necessitates a high-level trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention to their job duties during working hours, and maintain a schedule during normal business hours that overlaps with those of their coworkers and Valiant's

 

Responsibilities

  • Conducts Tier 3 SOC monitoring of Machine Learning Models and data visualizations
  • Researches, develops, and monitors custom visualizations
  • Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering and executives
  • Tunes and develops SIEM correlation logic for threat detection
  • Ensures documentation is accurate, complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. 
  • Ensures content is developed in an appropriate style for the intended audience to include presentations, bulletins, white papers, memos, policies, briefings, and other products. 
  • Acquires subject knowledge by collaborating with analysts and engineers.
  • Assists in coordinating projects from the planning stage, provides additional or missing materials, and edits for content format, flow, and integrity.
  • Researches topics and collaborate stakeholders to understand communication product requirements; analyzes business problems and helps prescribe communication solutions.
  • Deep understanding of Cyber Threat TTPs, Threat Hunt and the application of the Mitre Attack framework
  • Perform Cyber Threat Assessment and Remediation Analysis
  • Processing, organizing and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data
  • Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities including but not limited to: Insider Threat, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise
  • Investigate network and host detection and monitoring systems to advise engagement processes
  • Develop and Execute bash and python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions

 

Qualifications / Required Skills

  • 5 - 7+ years of experience in security operations, cyber technical analysis, threat hunting, threat attribution assessment with increasing responsibilities.
  • Proven experience in both monitoring and hunting for threats, and tuning and developing detection and visualization mechanisms.
  • 2-4+ years experience in a technical capacity; preferably in a role related to any of the following disciplines: security operations, network monitoring or analysis, intrusion or anomaly detection
  • Bachelor’s Degree or additional 3 years of related experience
  • One of the following certifications is required: CISSP,  GIAC Certified Incident Handler, OSCP, or other cybersecurity certification of equal level
  • Strong understanding of malware analysis, advanced persistent threat, infection vectors and defense strategies.
  • Expert written and oral communication skills to include experience with executive-level presentations. 
  • Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools.
  • Knowledge of and experience with web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise AntiVirus solutions, Network Analyzers, and domain name servers desired
  • Demonstrated knowledge in one or more of the following areas: network security principles, host based security principles, network and system administration, forensic analysis principles
  • Advanced user of: SIEM tools e.g. Elastic Stack or Splunk, Microsoft Advanced Threat Protection (ATP), Microsoft Exchange Online Protection, Netwitness, PaloAlto, Redseal, Endpoint security tooling, (MSS) tools (e.g. LookingGlass, FireEye and InfoBlox)
  • Knowledge related to the current state of cyber international relations, adversary tactics, and trends. 
  • Ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.
  • Demonstrated oral and written communications skills, ability to document technical analysis and articulate outcomes to non-technical audiences
  • Good working knowledge of cyber threat intelligence analysis
  • Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level
  • Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.
  • Valiant Solutions is a federal contractor and this position is subject to the COVID-19 Vaccine Mandate as a condition of employment.  All applicants must be fully vaccinated for COVID-19 with a Food and Drug Administration (FDA) authorized or FDA-approved COVID-19 vaccine OR must have an approved reasonable accommodation granting an exemption from vaccine requirements. See below for more details.

 

About Valiant Solutions:

Valiant Solutions is a security-focused IT solutions provider with both public and private sector clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you’ll learn to think quickly on your feet and expand your own personal and professional skillset. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect – and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

 

Benefits Snapshot (includes, but not limited to):

Valiant pays 99% of the Medical, Dental, and Vision Coverage for FTE

Valiant contributes 25% towards Health Coverage for Family and Dependents

100% Paid Short Term Disability and Life Insurance Policy for FTE

100% Paid Certifications

Wellness & Fitness Program

401K Matching up to 4%

Paid Time Off

Paid Time On – 40 hours to pursue innovation

Valiant University – Online Education and Training Portal

Reimbursement for Public Transit and Parking

FSA programs for: Medical Costs, Dependent Care, Transit, and Parking

Referral Bonuses

 

Vaccination Mandate:

In accordance with Executive Order 14043, Federal employees and contractors are required to be fully vaccinated against COVID-19 regardless of the employee's duty location or work arrangement (e.g., telework, remote work, etc.), subject to exceptions that may be required by law. If selected, you will be required to submit proof of vaccination by November 22, 2021 or before your entrance on duty if you are selected after the compliance date. Human Resources will provide information for providing proof of vaccination and instructions for how to submit a request for a legally required exception, if needed, to comply with vaccination requirements.

 

Equal Employment Opportunity:

Valiant Solutions is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex (including pregnancy, sex stereotyping, gender identity, gender expression or transgender status), religion, age, marital status, sexual orientation, military/veteran status, physical or mental disability, genetic information/history or any other personal characteristic protected by law.

 

Physical Demands

Must be able to remain in a stationary position 50% of the time and also be able to occasionally move about inside the office to access file cabinets, office machinery, etc.

Must be able to constantly operate a computer and other office productivity machinery, such as a copy machine, and computer printer.

Must be able to communicate, detect, converse with, discern, convey, express one self, and exchange information visually and verbally.

Must be able to occasionally bend and lift files and papers up to 10 pounds throughout the office space for events and meetings.

 

Work Environment:

Individual's primary workstation is located in an office area

The noise level in this environment is low to moderate

 

Authorization to Share Resume and Personal Information:

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed