OUR BENEFITS

We provide competitive benefits including health, dental, long- and short-term disability, a 401(k) plan, and direct deposit as part of your total compensation package.

CURRENT OPENINGS

Are you ready to be challenged and recognized for your achievements? Apply below if you are an ethical, forward-looking person focused on customer satisfaction and delivering on-time solutions.

EQUAL OPPORTUNITY EMPLOYER

SBD is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
CyberIntel/APT Engineer

Location: Washington, DC
Date Posted: 01-03-2018
SBD is seeking a CyberIntel/APT Engineer to join our team in support of our federal customer located in Washington, DC. The responsibilities of the CyberIntel/APT Engineer will include:
 
  • Conduct advanced monitoring and analysis of the customer enterprise for potential and/or known advanced persistent threats (APT) and fuse all-source information to support the SOC mission of ensuring the confidentiality, integrity and availability of the infrastructure.
  • Perform digital forensics, and participate in insider threat detection and e-discovery. Have a thorough working knowledge of NetWitness and Splunk coupled with forensic applications such as EnCase and FTK.
  • Perform cyber intelligence reporting leveraging various data sources. This includes performing initial relevance and risk ratings to determine risk exposure based on current intelligence.
 

Qualifications and Requirements:
 
  • Experience with APT and threat operations. Strong analytical and research skills with an extensive understanding of classified research tools and websites.
  • Experience creating operating system baselines and verifying operating system services and applications in order to identify malicious anomalies. Linux/Unix operating system and file system knowledge is useful.
  • Strong knowledge/experience with Windows servers, domain controllers, databases, group policy management and network filtering (firewalls).
  • Large-data search and analysis experience; knowledge of statistical analysis methodologies and machine learning is very helpful.
  • At least 3 years' experience performing NetFlow and PCAP analysis using Wireshark and other applications.
  • At least 2 years' experience with Spector360 and Splunk.
  • Shall have a basic understanding of Splunk architecture (indexer, forwarder, search heads, etc.) and experience with Splunk UI/GUI development and operational roles.
  • Experience with at least one scripting language such as JavaScript, Python, Perl, Groovy, Ruby, etc., and strong skills writing Splunk queries to create complex Splunk dashboards.
  • Experience in forensic recreation and documentation of a malware attack/breach, from initial infection/exposure to malware, through compromise and proliferation of the threat across systems, to removal/cleanup of the malware incident.
  • Strong experience with network, live-system, sandbox, static and RAM/memory malware analysis.
  • Cyber intel experience. Must be able to leverage reports and open-source material to find and report potential threats. Must be able to perform initial triage and have strong writing/communication skills to distribute the threat information to the appropriate resources.
  • Experience or knowledge of the following security tools is desired: Tenable Security Center, Splunk, McAfee ePO, NetWitness, EnCase, Cisco Security Manager, Wireshark, and Sysinternals.
  • BS in Information Technology related major or equivalent experience in information technology.
  • Holds CISSP, GIAC Reverse Engineering Malware (GREM) or other comparable certification or experience.
  • US citizenship is required.
  • Must have an active DoD Top Secret clearance AND must be able to obtain a customer-specific clearance.

Solutions By Design II, LLC (SBD) is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, IWD or veteran status, or any other characteristic protected by law (referred to as "protected status").