What are the responsibilities and job description for the Detection Engineer position at WarCollar Industries, LLC?
WarCollar Industries is currently looking to hire a Detection Engineer on a full-time, permanent basis. This position must be performed onsite in McLean, VA and requires an active TS/SCI w/ Full Scope Polygraph security clearance.
Title: Detection Engineer
Location: McLean, VA
***This position must be performed within shift hours, either Sunday-Wednesday or Wednesday-Saturday.
Available Shift Hours:
- 1st (0600-1600)
- 2nd (1200-2200)
- 3rd (2100-0700)
Summary:
WarCollar Industries wants you to join the team that protects and defends the largest target in the world using your expertise in Host Based IDS, IPS, and specialized network defense. This position will utilize the latest cyber tools available and assist in creating new ones while allowing you to advance the nation’s information security posture.
Responsibilities:
- Creation, editing, and management of signatures, custom rules and filters for specialized network defense systems including but not limited to network and host-based IDS, IPS, firewall, and web application firewall
- Manage and administer the tuning of rules, signatures, and custom content for specialized CND applications and systems
- Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
- Participate in inter-agency relationships with partner organizations to facilitate mission execution
- Provide innovation and creative solutions to challenging problems
- Provide logical use case development
- Provide and track requirements to engineering partners
- Identify gaps in visibility or coverage of cyber defense systems
- Prepare data analytics and reporting
Qualifications:
- Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
- Host Intrusion Detection System/Intrusion Prevention Systems (EDR/IDS/IPS)
- Network and Host malware detection and prevention (EDR/NDR)
- Network and Host forensic applications
- Web/Email gateway security technologies
- Experience with MS Azure and/or any other cloud platforms such as AWS, GCP, Oracle, etc.
- Ability to demonstrate expertise utilizing SIEM tools for use case development and application
- Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills
- Ability to effectively use analytical and problem-solving skills