Connecticut, US

IS & Cyber Security Specialist

Job Description

Fragomen is seeking a dynamic, experienced IS & Cyber Security Specialist with strong operational and analytical experience in Threat Detection and Disruption to join our talented Cyber Security team in our Technology & Innovation Lab in Pittsburgh.

Our industry-leading, immigration specific technology and infrastructure is undergoing tremendous transformation and security is on the critical path to success in that endeavor. We seek a professional who is passionate about security, capable of effecting change, and eager to advance threat detection and response capabilities using traditional and emerging technologies. You will be joining a team of Cyber Security Specialists who make security a distinguishing factor in our technological offerings. The successful candidate will help engineer solutions to focus our defensive and response efforts throughout our environment.

What a Senior IS & Cyber Security Specialist does at Fragomen:

  • Refine, validate and exercise our Threat Detection and Disruption program.
  • Develop detection techniques to protect our evolving environment and technical offerings.
  • Architect, deploy and maintain our network and endpoint detection tools to reduce the time from a potential threat to alert, triage and mitigation.
  • Deploy, mature and maintain our future logging tier, security information and event management (SIEM) system, and alert, triage and response pipeline.
  • Lead in the evolution of our protection, detection and mitigation capabilities based on experience, evolving threat environment and findings from cyber security incidents.
  • Participate in a cross-functional response to cyber security incidents.
  • Develop and maintain strong relationships with key partners to create our detection and threat disruption program.
  • Participate in threat hunting efforts.

Let’s talk if you have the following experience, knowledge, skills and education:

  • Ten (10) or more years of practical Threat Detection and Disruption experience.
  • A passionate team player who builds knowledge and solves complex problems.
  • Demonstrated knowledge of detection tools with the ability to write signatures (Snort, Suricata, Yara, etc.).
  • Proficiency in a modern high-level language (Python, Ruby, Node, Go, etc.).
  • Experience in establishing and maintaining a SIEM (Splunk, ArcSight, QRadar, ELK, etc.).
  • Proven experience in developing intrusion detection techniques and operational responses.
  • Experience in architecting and deploying logging technology (Syslog, Logstash, etc.).
  • Strong, professional communication skills that hold up under pressure.
  • A Bachelor’s degree in a related field or a combination of related experience.

These things are great, but not required:

  • Experience in developing highly automated detection and triage tools.
  • Knowledge of detection, forensic, security event and incident management, and orchestration tools.
  • Technical certifications that demonstrate technical prowess in DFIR, including GIAC (GCIH, GCFA, GCIA), Offensive Security (OSCP, OSCE, OSEE), and/or vendor-specific (Splunk, QRadar, ELK, etc.).
US-Pittsburgh
Full Time
REQ-010835