About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Responsibilities
Peraton is currently seeking a Cyber Incident Response Developer to become part of Peraton’s Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes. You will be a part of the Cyber Incident Response Team.
Location: Beltsville, MD. Required: on-site work for the first 90 days. After the 90 day period, a hybrid schedule may be offered. This position will support Monday – Friday from 8:00am to 5:00pm.
In this role, you will:
- Implement SIEM detection capabilities.
- Develop alerting for cloud-related malicious activity.
- Coordinate detection efforts between the development and hunt teams.
- Develop and enhance threat dashboards and advanced analysis capabilities.
- Assist in integrating ticketing solution with detection and response events (SOAR).
- Onboard and integrate cyber monitoring tools from the analyst’s perspective.
- Write Microsoft Defender for Endpoint (MDE), Zeek (Bro) Suricata and Snort signatures, develop new content for cyber defense tools.
- Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) to improve threat detection.
- Provide Developer support in a 24x7x365 environment.
#DSCM
Qualifications
Required:
- Bachelor’s degree and 5 years of relevant experience; or a Master's degree and 3 years of experience. An additional 4 years of experience will be considered in lieu of degree.
- Must possess ONE of the following certifications or the ability to obtain before start date:
- CCNA-Security, CEH, CFR, CHFI, Cloud+, CySA+, GCFA, GCIA, GCIH, GICSP, SCYBER
- Expertise in planning, implementation and usage of log aggregation and security analysis tools.
- Knowledge of Splunk, native event logs, and ability to identify remediation steps for cybersecurity events.
- Strong organizational skills.
- Proven ability to operate in a time sensitive environment.
- Proven ability to communicate orally and written.
- Proven ability to brief (technical/informational) senior leadership.
- Ability to scope and perform impact analysis on incidents.
- U.S. citizenship required.
- Secret security clearance to start with the ability to obtain a Top Secret security clearance.
Preferred:
- Familiarity with monitoring Cross Domain Solutions.
- Familiarity with Databricks.
- Understanding of Machine Learning and User and Entity Behavior Analytics.
- Understanding of Cloud Development with Microsoft Azure/MDE.
- Understanding of SQL, Python and JavaScript.
- Microsoft Certifications (SC-200, SC-300, SC-400, SC-900)
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range
EEO
An Equal Opportunity Employer including Disability/Veteran.