Detection Engineer Cloud SME at Adapt Forward

Cyber Security Analyst III Detection Engineer Cloud SMENorth Charleston SCSecret Required to Start TS SCI RequiredAs a Detection Engineer Cloud SME you will be responsible for designing developing and implementing detection mechanisms to identify cyber threats within a Cybersecurity Service Provider (CSSP) environment. You will focuse on creating and managing IDS/IPS signatures log correlation rules and other detection tools based on indicator lifecycle analysis. You collaborate with Defensive Cyber Operations (DCO) Watch Analysts and other teams to ensure timely and effective threat detection adhering to CJCSM 6510.01B reporting requirements and supporting the CSSPs mission to protect data across a wide spectrum of sources and locations.Position Requirements and DutiesAct as the primary SME for cloud log sources designing efficient and secure log ingestion pipelines across multi-cloud environments (AWS Azure GCP).Design and implement detection logic (KQL EQL and/or SPL) tailored to cloud-native threats native threats and cloud infrastructure(eg containers like Kubernetes Docker etc)Analyze threat intelligence to create and refine detection mechanisms tailored to the customers environmentValidate and test detection rules to ensure accuracy minimize false positive and benign positive matches and enhance threat identification capabilitiesCollaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflowsMaintain and update detection tools and signatures in response to evolving threats ensuring compliance with CJCSM 6510.01B and other applicable directivesCompile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processesPerform log analysis of Splunk and Elastic to support detection development and validationCoordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligenceParticipate in program reviews product evaluations and onsite certification evaluations to assess detection tool efficacyOvertime may be required to support detection implementation or incident response actions (Surge)Up to 10% travel may be requiredMinimum QualificationsBachelors Degree in relevant discipline and 5 years or at least 8 years of experience working in a CSSP SOC or similar environment2 years of experience with signature development detection logic creation and optimization on multiple platformsMust be a U.S. CitizenDesired QualificationsDeep technical expertise in major cloud provider security models and services (AWS IAM Azure AD GCP IAM CloudTrail Azure Monitor VPC flow logs etc.).Experience working with and developing signatures for Splunk and ElasticExperience with threat intelligence platforms and indicator managementProficient knowledge of detection creation and implementation processesExpertise in IDS/IPS solutions including signature development and optimizationStrong understanding of the indicator lifecycle including initial discovery development operational maturity and long-term sustainmentEffective verbal and written communication skillsAbility to solve complex problems independentlyPreferred certifications: AWS Certified Security Azure Security Engineer Associate or equivalent SANS GIAC certifications.Required CertificationsMust have requisite certifications to fulfill DoD 8570 IAT Level II and CSSP-specific requirementsCompany OverviewAdapt Forward is a cybersecurity solutions provider for some of the nations most valuable information systems. Leveraging advanced threat assessment technology and experience in building high-level information security infrastructure we develop adaptive solutions uniquely tailored to our customers business objectives to protect sensitive data against sophisticated threats in an increasingly complex security environment.Summary of BenefitsComprehensive Physical Wellness Package including Medical Dental Vision Care plus Flexible Spending Accounts for health- and dependent-care are included in our standard benefits plan.401k Retirement Plan with Matching Contribution is immediately available and vested.Annual Training Budget to be used for conference attendance school enrollment certification programs and associated travel expenses.Eleven Federal Holidays plus three weeks of PTO/vacation/sick leave that accrues at a rate of ten hours per month.Employee Assistance Program: Counseling/legal assistance and other employee well-being programs are also offered. Equal opportunity employer as to all protected groups including protected veterans and individuals with disabilities.Adapt Forwards Veteran/Disability Affirmative Action Plan narrative section is available for inspection upon request during normal business hours at the Human Resources office and may be requested by contacting Human Resources at Required Experience:Senior IC Key Skills ASP.NET,Health Education,Fashion Designing,Fiber,Investigation Employment Type : Full-Time Experience: years Vacancy: 1