R&D Engineer - Threat Engineer
BlueVoyant
- Tennessee
- Permanent
- Full-time
Location: Remote East Coast United StatesUS Citizenship Required
A TS/SCI Security Clearance is requiredConquest Cyber, a BlueVoyant Company, understands that our enemies are not simply amateur hackers, but highly motivated, well-funded nation states and criminal organizations. By targeting our nation’s defense and critical infrastructure sectors, cyber-attacks threaten to disrupt the way we live. This is where we sit – at the forefront of this quiet and distributed conflict to ensure cyber resiliency for the sectors critical to our way of life. At Conquest Cyber we build adaptive risk management programs where innovation is most needed, the sectors that protect our way of life. Be part of a world class team, enjoy the challenges and rewards of working with some of the leading U.S. agencies and companies, protect assets that are vital to our society.Job Description:Conquest Cyber is looking for a Threat Engineer to join our talented Center of Excellence team. This team is responsible for leading the development and implementation of automation strategies to improve the efficiency and effectiveness of our MDR Module and supporting artificial intelligence in our Cyber Defender Platform.Responsibilities:
- Collaborate with R&D engineering team members to develop, build, track, and maintain operational systems, projects and tools.
- Support R&D projects, adhering to project timelines and milestones.
- Contribute to the creation of prototypes, proof-of-concepts and innovative solutions what align with industry best practices.
- Assist in testing and evaluations of developed solutions to validate performance and effectiveness.
- Document research findings and technical best practices to improve future product development.
- Assist with root cause analysis on mature product issues
- Remain up to date on Microsoft technologies, API’s and offerings that can enhance our solutions and product value to client
- Develop custom signatures, custom analytics rules, and assess threat data from different sources.
- Process, organize, analyze, and assist in contextualization of incident indicators
- Act as subject matter expert for emerging trends in the cyber threat landscape
- Conduct threat hunting and cyber incident response
- Be a self-starter who is able to manage their time and work effectively.
- Familiarity with the MITRE ATT&CK and D3FEND Frameworks as well as Lockheed Cyber Kill Chain
- A working knowledge and understanding of Kusto Query Language (KQL)
- Working knowledge of Azure, Azure Sentinel, Azure Monitor, and Microsoft Defender
- Excellent written, oral communication, and presentation skills
- Strong problem-solving skills and ability to design innovative solutions to complex challenges
- High learning agility and willingness to learn new technologies, programming languages, and tools
- Ability to communicate and collaborate effectively with cross-functional teams
- Desired Certifications: Security+, Blue Team L1, CySA+, PenTest+, CASP+, OSCP, GIAC, PJPT, PNPT, SC-200, SC-300, SC-400, AZ-500, MS-500, CISSP
- Bachelor’s degree in Business, Computer Science, Information Systems, Cybersecurity, or a related field, or can demonstrate comparable professional programming experience
- Familiarity with cyber security concepts, principles, and industry trends
- Proficiency in programming languages such as Python, Go, or Java for software development
- 3+ years’ experience in a technical capacity; preferably in a role related to any of the following disciplines: senior security operations analyst, incident response, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment, penetration testing, etc.