About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Responsibilities
Peraton is seeking a motivated Cyber Detection / Systems Engineer to join our team in support of the U.S. Army Regional Cyber Center - Europe (RCC-E) services contract.
Location: Wiesbaden, Germany. Flexible for occasional telework – must be local to work location.
In this role, you will:
- Create analytics with a SIEM to identify patterns, anomalies, and compromising indicators to alert Cyber Incident responders.
- Create dashboards in the SIEM platform to tip analysts to malicious activities directed against the DoD information systems.
- Create dashboards and report in the SIEM platform to assist network defenders in identifying issues and concerns.
- Perform daily review of analytic performance on the SIEM identifying correlation engine slowdowns.
- Evaluate intrusion detection sensor configurations for proper alert capability.
- Evaluate intrusion detection signature for appropriateness to DoD networks and implement rules as required.
- Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations.
- Assist in the integration of additional security platforms to correlate new data with HIDS and NIDS alerts.
- Prepare and presents technical reports and briefings.
- Write reports on capabilities of the defensive cyber operations to increase customer situational awareness and improve the customer’s cyber security posture.
- Write and update SOP and TTPs as required by the local customer.
Qualifications
Requirements:
- Minimum of 5 years experience in Systems Engineering with a Bachelor’s degree in a STEM field or Business Administration; an additional 4 years of experience in lieu of degree may be considered.
- Must be able to qualify for technical expert status accreditation (TESA) by having a bachelor's degree in a STEM field or Business Administration plus 3 years of specialized experience OR an associate’s degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience.
- Active DoD Approved 8140 Certification (DCWF:511 - B.S. in STEM, GCFA, GCIA, CFR, Cloud+, CYSA+, GCED or PenTest+) and (8140 Residential within 90 days of acceptance - GDAT, GCDA, Elastic Certified Engineer, or ArcSight ESM Advanced Analyst).
- U.S. citizenship required.
- An Active DoD Top Secret security clearance.
Preferred:
- Experience in developing dashboards, and creating and maintaing Elasticsearch rules.
- Experience with intrusion detection systems such as Snort, Suricata, and TippingPoint.
- Experience with one or more scripting languages such as PowerShell, Bash, Python.
- Experience working with Gitlab.
- Familiarity with ATT&CK Navigator and the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) matrices.
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range
EEO
An Equal Opportunity Employer including Disability/Veteran.
