Security Development Team Developer

Peraton is currently hiring for a: Security Development Team Developer to join our Federal Strategic Cyber Programs.

Location: Beltsville, MD and Roslyn, VA.  This is an on-site position and will support Monday – Friday from 8:00am to 5:00pm.     

In this role, you will: 

• Implement SIEM detection capabilities. 
• Develop alerting for cloud-related malicious activity. 
• Coordinate detection efforts between the Security Development Team, Malware Team, and Threat Integration Team. 
• Develop and enhance threat dashboards and advanced analysis capabilities. 
• Assist in integrating ticketing solution with detection and response events (SOAR). 
• Onboard and integrate cyber monitoring tools from the analyst’s perspective. 
• Write Microsoft Defender for Endpoint (MDE), Zeek (Bro) Suricata and Snort signatures, develop new content for cyber defense tools. 
• Collaborate with endpoint and cloud signature analyst in writing Bespoke alerts.
• Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) to improve threat detection. 
• Provide Security Developer detections support in a 24x7x365 environment. 

Required:

• Bachelor’s degree and 5 years of relevant experience; or a Master's degree and 3 years of experience. An additional 4 years of experience will be considered in lieu of degree.
• Must possess ONE of the following certifications or the ability to obtain before start date:
• CCNA-Security, CEH, CFR, CHFI, Cloud+, CySA+, GCFA, GCIA, GCIH, GICSP, SCYBER

• Expertise in planning, implementation and usage of log aggregation and security analysis tools. 
• Knowledge of Splunk, native event logs, and ability to identify remediation steps for cybersecurity events. 
• Strong organizational skills.
• Proven ability to operate in a time sensitive environment.  
• Proven ability to communicate orally and written. 
• Proven ability to brief (technical/informational) senior leadership. 
• Ability to scope and perform impact analysis on incidents. 
• U.S. citizenship required.
• Secret security clearance to start with the ability to obtain a Top Secret security clearance.

Preferred:  

• Familiarity with monitoring Cross Domain Solutions. 
• Familiarity with Databricks.
• Understanding of Machine Learning and User and Entity Behavior Analytics. 
• Understanding of Cloud Development with Microsoft Azure/MDE. 
• Understanding of SQL, Python and JavaScript. 
• Understanding of Splunk ES and Splunk ES Cloud
• Microsoft Certifications (SC-200, SC-300, SC-400, SC-900)
• Splunk Certifications (Using ES, Administering ES, Enterprise Data Administration, Core Certified User, Power Certified Use)