Application Engineer 4
HerndonOn-site
AI Summary
🔒 Clearance & Citizenship Requirements This position requires U.S. Citizenship and an active TS/SCI security clearance with Full Scope Polygraph. Candidates who do not currently hold these credentials will not be considered.Required:• EDR Solutions: Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both).• Cloud Applications: Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).• Clou
About this role
🔒 Clearance & Citizenship Requirements
This position requires U.S. Citizenship and an active TS/SCI security clearance with Full Scope Polygraph. Candidates who do not currently hold these credentials will not be considered.
Required:
• EDR Solutions: Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both).
• Cloud Applications: Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).
• Cloud Security: Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS CoudWatch, AWS CloudTrail, AWS GuardDuty, or AWS Security Hub). CCSP Certified Cloud Security Professional certification or equivalent.
• Security Operations Center (SOC) Support: Experience supporting SOC functions such as assisting in monitoring, training analysts, documenting SOPs, incident response coordination, analysis of security events, and process/procedure improvement. Microsoft Certified: Security Operations Analyst Associate (SOAA) or equivalent.
• Network Security: Understanding of network protocols, traffic analysis, and intrusion detection systems (CompTIA Security+ is required).
• Windows Forensics: In-depth knowledge of Windows operation system internals, registry, and file system. Familiarity with forensic tools like EnCase, FTK, or open-source alternatives. SANS Windows Forensic Analysis (FOR500) or equivalent.
Desired:
• Threat Hunting: Proactive identification and investigation of potential security threats and anomalies.
• Incident Response: Experience in managing and responding to security incidents, including containment, eradication, and recovery.
• Security Information and Event Management (SIEM): Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk, Elastic, Microsoft Sentinel).
• Scripting and Automation: Proficient in scripting languages (e.g., PowerShell, Python) for automating tasks and workflows.
• Certified Information Systems Security Professional (CISSP)
• Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)