Sbd is looking for an Exabeam engineer to join our team in support of a large-scale cyber security program with our federal customer. This individual will join a team responsible for operating and maintaining the security configurations and applications that support incident response, ensuring 24x7 availability. This position can be 100% remote.
Create procedures and documentation for maintaining all hardware and software
Perform full-scope administration, management, configuration, patching, upgrades, and optimization of incident response tools and devices
Develop and deploy new security incident response tools, devices, or content
Maintain, patch, operate, and support the incident response tools, and architect, deploy, test, maintain, patch, operate, and support any new tools supporting incident response
Provide experienced systems administration, using configuration management tools (e.g. Ansible, Chef, PowerShell) to manage the system
Manage signature sets across a range of monitoring technologies, implementing signature policies and applying those signatures
Manage and tune signature sets to maximize true positives and minimize false positives
Document all tool tuning activities in the tool tuning activities log
Implement approved access requests, perform user recertification, and remove users who are no longer approved for the suite of approved tools
Assist stakeholders who have questions about reports generated from the tools, issues with access to or querying the tools, or the scanning and continuous monitoring process in general
Provide expertise to conduct integration, development, deployment, recapitalization, operations, and maintenance support for a variety of security technologies
Must be a US citizen with the ability to obtain an agency-specific clearance prior to starting
Must also be able to obtain and maintain a DoD Top Secret clearance while employed on this program
Proven experience utilizing Exabeam
Experience with common security tools:
Developer/scripting experience with tools such as Python, Bash, PowerShell, REST APIs, and Splunk
Experience with information security devices, including firewalls and intrusion detection and prevention systems, and applications, including security information management tools such as Splunk
Experience with signatures, tactics, techniques, and procedures associated with cyber threats and actors
Must have and maintain at least two (2) active certifications: A+, Network+, Security+, ISC2 CISSP, or other comparable certification, which must be approved in advance on a case-by-case basis
BA/BS, or a minimum of three (3) years of experience in incident detection and response
Three (3) years of experience in system administration, database administration, network engineering, software engineering, software development, or comparable experience, which must be approved in advance on a case-by-case basis
Good communication and interpersonal skills
Background in vulnerability management
Background in scanning tools such as Tenable
Experience working in a Microsoft AD environment
Firm understanding of TCP/IP
Experience with open source technologies