What are the responsibilities and job description for the Security Detection Engineer position at Software Guidance & Assistance?
Job Details
Software Guidance & Assistance, Inc., (SGA), is searching for a Security Detection Engineer for a Contract assignment with one of our premier Regulatory clients in Rockville, MD.
This role is hybrid (2 days/week onsite)
We are seeking a skilled and proactive Security Detection Engineer to join our Security Operations team. This role is pivotal in identifying, analyzing, and mitigating security threats and vulnerabilities in our environment. The ideal candidate will have a deep understanding of security systems, threat detection techniques, and a strong ability to design and develop security monitoring solutions.
Responsibilities:
Threat Detection and Monitoring:
o Design, implement, and maintain advanced threat detection systems, including intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM), and endpoint detection.
o Continuously monitor security alerts and logs to identify signs of malicious activity or vulnerabilities within the network.
o Develop and tune detection rules, signatures, and patterns to identify threats in real-time.
Incident Response:
o Collaborate with the Incident Response team to analyze security incidents, identify the root cause, and work on mitigation strategies.
o Conduct forensic investigations to understand the scope and impact of security incidents.
Security Intelligence and Automation:
o Research emerging security threats and vulnerabilities and integrate intelligence feeds into detection systems.
o Implement automation strategies for faster threat detection and response times.
Collaboration with Other Teams:
o Work closely with IT, DevOps, and Security teams to ensure all systems are secure by design and actively monitored.
o Provide security expertise for the design and implementation of secure architecture for internal and external services.
Reporting and Documentation:
o Document security threats, incidents, and response actions in a clear and concise manner.
o Provide regular reporting on security detection activities, including metrics on threats detected, false positives, and incidents mitigated.
Continuous Improvement:
o Perform regular tuning and optimization of detection rules to minimize false positives and maximize detection effectiveness.
o Stay up to date on the latest security trends, tools, and methodologies, and apply them to enhance the security posture of the organization.
Required Skills:
Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience).
Basic understanding of network protocols, operating systems, and cybersecurity principles.
Experience with common security tools such as SIEM (e.g., Splunk, ArcSight), IDS/IPS, firewalls, endpoint protection, and antivirus solutions.
Understanding of common attack vectors (e.g., phishing, malware, DDoS) and defense mechanisms.
Ability to analyze logs, network traffic, and system activity to identify potential threats.
Preferred Skills:
Knowledge of security frameworks such as NIST, CIS, or ISO 27001.
Certifications such as CompTIA Security+, GIAC Certified Detection Analyst (GCDA), GIAC Certified Incident Handler (GCIH), Cisco CCNA Security, or other cybersecurity-related certifications are a plus.
Strong analytical and problem-solving skills, with attention to detail.
Good communication skills and the ability to work well in a team environment.
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.