Security – Incident Report Engineer
Ref No.: 18-00852
Location: Washington, District of Columbia
Position Type: Right to Hire
Security – Incident Engineer
Washington DC

Must:

5+ years of experience as a security engineer
3+ years of cyber security experience
Strong server administration experience
Cyber intelligence, disk forensics and memory forensics experience
Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
Good written and verbal communication skills
IAT Level 2 or higher security certification: Sec+, GCIA, GCIH, CEH, CISSP, SSCP
Bachelor's Degree in relevant field
Ability to hold and maintain a clearance

Duties:
Candidate will partake in effective hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
Candidate will have prior leadership experience with direct reports in a cyber environment
Provide support to maintain the FireEye ecosystem, including patching and administering configs within a FireEye AX, CM, EX, FX, HX, NX environment. This includes testing FireEye HX Agent configs prior to upgrades, testing FireEye appliances, and validating deployed signatures
Provide support for RHEL patching via Satellite: validate config and patch status
Provide support in maintaining an incident response lab environment that includes: pfSense, ESXi VMs, Hybrid Analysis, Kali Linux, Cuckoo Sandbox (deprecated by Hybrid), Security Onion/Bro, Nighthawk/VolUtility, and Storage - NetApp
Python or other scripting language experience
Support/assist the client with improvements to real-time monitoring and triage capabilities for incidents received at the operations center
Work collectively with other team members on proposing configuration changes to FireEye environment
Support efforts on threat hunting, network, host, and malware analysis, sensor tuning and custom signature creation
Lead the application of cyber intelligence to improve security operations
Measure and manage individual and team performance
Ensure adequate metrics and documentation of team operations for leadership and other constituents
Ability to help review, advise on, and identify issues and incidents: Candidate will have a sound cyber security knowledge foundation, to include understanding of: adversary TTPs, network technology and common protocols, network security, host security, malware, security tools and sensors

*Quadrant, Inc. is an equal opportunity and affirmative action employer. Quadrant is committed to administering all employment and personnel actions on the basis of merit and free of discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or status as an individual with a disability. Consistent with this commitment, we are dedicated to the employment and advancement of qualified minorities, women, individuals with disabilities, protected veterans, persons of all ethnic backgrounds and religions according to their abilities.