Job Title:
Security Consultant (DFIR)

Company: CyberSN

Location: Springfield, MA

Created: 2024-04-20

Job Type: Full Time

Job Description:

Our client is looking for a Security Consultant (DFIR) to join their team at a well-known cybersecurity company. In this role you will perform incident response and threat hunting-related tasks. You will work with various security solutions including SIEM, EDR, UEBA, and SOAR. This is a heavy Linux/CentOS environment, so Linux experience is required. Familiarity with the MITRE ATT&CK framework and consulting experience are a plus.

This is a hybrid role in Springfield, VA. Candidates must be U.S. Citizens, must hold an active TS clearance, and must be willing to obtain an SCI clearance.

*For a quicker response, please apply directly to this role here:

Threat Hunting
- Develop and enhance threat hunting methodologies and hypotheses
- Implement, validate and normalize threat data collection sources
- Improve and enhance threat hunting maturity levels
- Enhance SIEM threat hunting capabilities
- Participate in hunt missions using Threat Hunting Platforms to identify, detect and investigate threats on the enterprise network and/or cloud networks
- Participate in hunting missions using searching techniques to identify, detect and investigate threats on the enterprise network and/or cloud networks
- Participate in hunting missions using searching or clustering techniques to identify, detect and investigate threat actors and advanced adversaries on the enterprise network and/or cloud networks
- Attack vectors from the MITRE ATT&CK framework
- Perform OSINT collection and threat profile analysis
- Research threat actor analysis and capability
- Current trends and threat landscape
- Build and manage threat research and sharing relationships with sector-based Information Sharing and Analysis Centers (ISACs)
- Participate in incident response as a member of the CSIRT

20% Incident Response
- Respond to incidents involving malware
- Respond to network-based attacks
- Monitor system events, log files and alerts
- Perform incident detection
- Program and write scripts

20% Security Engineering
- Perform infrastructure and cloud security design
- Install, maintain, and patch security products
- Monitor system events, log files and alerts
- Evaluate new security products and solutions
- Interact with cloud-based platforms

20% Security Operations
- Harden systems for cyber resilience
- Research new threats, attack techniques and methods
- Participate in business continuity and disaster planning

15% Threat Intel
- Collect, review, analyze, process and enrich open source and/or commercial threat datasets
- Create and deliver technical alerts, reports, and vulnerability notifications
- Gather and record key indicators and information about threat campaigns and infrastructure
- Prepare assessments and cyber threat profiles of current events based on collection, research and analysis of open source information
- Provide intelligence support during incident response and forensic security investigations
- Process and enrich information to ensure timely, actionable, high-confidence IOCs are ingested and shareable
- Conduct technical analysis based upon industry-accepted threat intelligence analytical frameworks, tools, and standards
- Develop and maintain threat profiles and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Apply technical knowledge of security architectures, tools and controls to proactively detect, mitigate, and resolve advanced cyberattacks and/or threats

Requirements:
- Must actively hold a TS clearance and be willing to obtain SCI.
- 5+ years of experience in incident response and threat hunting.
- Hands-on experience with security solutions including SIEM, EDR, UEBA, and SOAR.
- Must have extensive command-line experience with Linux.

Why CyberSN?

CyberSN is the Cybersecurity Jobs and Career Marketplace. From online matching to full-service recruitment, CyberSN provides professionals and hiring teams with the expertise, information, tools, connections, and services they need to maximize career success, job satisfaction, team performance, diversity, and retention.