Threat Detection Specialist (Fusion Team)
Charleston, SC, Stuttgart, Germany, Kansas City, MI, and Pearl City, HI
Minimum Secret Clearance required with upgrade eligibility to TS/SCI
As a Threat Detection Specialist you will be a part of the NIWC Cybersecurity Service Provider (CSSP) Operations Threat Detection Team (Fusion Team) and an SME in both network and host-based security tools with associated tools providing data enrichment, orchestration, and automated response. The Fusion Team works closely with the Cyber Threat Intelligence team to coordinate ingestion of near-real-time threat intelligence data into the workflow ensuring rapid analysis, creation of indicator logic, and the conduction of cyber threat hunting missions based off adversarial Technique, Tactics, and Procedures (TTPs).
Position Responsibilities and Duties:
• Maintains knowledge on the current cyber threat landscape
• Creates, updates, and maintains indicator logic using all CSSP tools and resources
• Provides relevant and useful alerts for the Operations Watch team
Qualifications:
• US Citizen
• At least 3 years of experience with IDS/IPS Solutions
• At least 3 years of experience performing analysis or threat hunting with Windows Event logs, Sysmon, and/or Linux logs
• At least 3 years' experience in Cybersecurity Service Provider (CSSP) environment or similar
• Up to 15% global travel may be required; emergency travel may be required with 72-hour notice.
Preferred Qualifications:
• Knowledge of CJCSM 6510.01B
• Knowledge of the MITRE Att&ck Framework
• Offensive Threat Emulation Experience (Red Team)
• Experience with building detections within a SIEM/SOAR or IDS/IPS solution
• Experience with static Malware Analysis
Certifications:
• DoD 8570 Classification IAT –II & CSSP Incident Responder or Analyst Category certification
Adapt Forward, LLC is a federal government contractor. As directed by Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors, all current and newly hired employees, in the United States, are required to be fully vaccinated, or have an allowable accommodation in place, by January 18, 2022.
What We Do
Adapt Forward specializes in Defensive and Offensive cyber operations. We strive to rewrite the rulebook on how Cyber Defense and Incident response is done with a unique blend of offense to validate our defense.