CIRT DEVELOPER
RESPONSIBILITIES
The qualified candidate will become part of Cinteot's Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program, providing leading cyber and technology security experience to enable innovative, effective and secure business processes. Cinteot's DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise the DoS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices, all while identifying and responding to cyber risks and threats. Those supporting Cinteot's DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges.
This CIRT Developer role will be located in Beltsville, MD. This role supports the Cyber Incident Response Team (CIRT).
The customer requires every employee to be onsite for the first 90 days. After the 90-day period, a hybrid schedule may be offered. This position will support Monday – Friday from 8:00am to 5:00pm.
What you'll do:
Implement SIEM detection capabilities.
Develop alerting for cloud-related malicious activity.
Coordinate detection efforts between the development and hunt teams.
Develop and enhance threat dashboards and advanced analysis capabilities.
Assist in integrating ticketing solution with detection and response events (SOAR).
Onboard and integrate cyber monitoring tools from the analyst's perspective.
Write Zeek (Bro), Suricata, and Snort signatures, and develop new content for cyber defense tools.
Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) to improve threat detection.
Publish after-action reports, cyber defense techniques, guidance, and incident reports.
Provide developer support in a 24x7x365 environment.
QUALIFICATIONS
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
Requires a BS with a minimum of 5 years of experience, or an MS with a minimum of 3 years of experience.
US Citizenship is required with an active Top Secret clearance.
Must possess one of the following certifications or the ability to obtain before start date:
CCNA-Security
CEH
CFR
CHFI
Cloud+
CySA
GCFA
GCIA
GCIH
GICSP
SCYBER
Expertise in planning, implementation and usage of log aggregation and security analysis tools.
Knowledge of native event logs, and ability to identify remediation steps for cybersecurity events.
Strong organizational skills.
Proven ability to operate in a time sensitive environment.
Proven ability to communicate orally and in writing.
Proven ability to brief (technical/informational) senior leadership.
Ability to scope and perform impact analysis on incidents.
Preferred Qualifications:
Familiarity with monitoring Cross Domain Solutions.
Understanding of Machine Learning and User and Entity Behavior Analytics.
Ability to analyze static and dynamic malware analysis reports.
Understanding of Cloud Development with Microsoft Azure/MDE.
Understanding of SQL, Python and JavaScript.
Benefits:
Complete Insurance Coverage
Blue Cross Medical, Delta Dental, Vision, Life
401k with Company Contribution
Tuition Reimbursement
Generous Paid Time Off (including your birthday!)
Cinteot is an Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.