NikSoft

Threat Intelligence Platform Engineer

US-NC-Morrisville
3 weeks ago
ID
2017-1275
# of Openings
1
Category
Information Technology

Overview

NikSoft Systems Corporation is a recognized Information Technology solutions provider. Founded in 1998 and based in Reston, Virginia, NikSoft is a CMMI Level 3 Certified company with an established reputation for excellence and on-time delivery with a consistently high customer satisfaction rating from its Federal Government and private consulting contracts.

Responsibilities

Seeking a professional and experienced Threat Intelligence Platform to join our on-site client-facing team. The successful candidate is proficient with Anomali and/or ThreatConnect Threat Intelligence Platform (TIP) implementations. Candidate with strong data integration experience between multiple intelligence source feeds and Splunk preferred. Candidate will need to provide data analysis skills to identify trends and patterns. Successful candidates will have previous programming skills for improved automation.

  • Analyze commercial and open source intelligence feeds, adding context, and sharing key findings through formal and informal executive briefings.
  • Provide expertise for developing and implementing the Corporate Information Security Office (CISO)’s cyber threat intelligence capability, federated across multiple operational units.
  • Develop and update Splunk queries/dashboards.
  • Comfortable writing API integrations and working with a variety of security related technologies in a dynamic customer environment
  • Create and support data processing pipelines and storage systems for threat intelligence data.

Qualifications

  • 3-7 years of experience working in the areas of (intelligence, information security, network forensics, insider threat).
  • 2+ years of Linux/Unix software development proficiency in any of the following languages; Java, Python, C++
  • BA/BS in computer science, information security, or a related field or equivalent experience.
  • Certifications: One or more preferred - CISSP, CISA, CISM, GIAC, RHCE, CPTE, or CEH
  • Must be highly motivated with the ability to self-start, prioritize assignments, and work in a collaborative Agile team environment.
  • Excellent knowledge of a wide variety of security solutions and technologies, including: Linux, Network architecture/implementation/configuration experience, Firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS), Malware/security experience.
  • Familiarity with common network vulnerability/penetration testing methodologies and tools.
  • Be able to demonstrate expert level knowledge on how to enable indicator detection at every point along the kill chain.
  • Experience with relational and NoSQL databases.
  • Possess analytical skills to make efficient and acceptable decisions.
  • Effective oral and written communication skills to interact with constituents and other teams.
  • Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities.
  • Overall experience with Security Operation tools inclusive of products from RedSeal, Tenable, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, Tanium.
  • Demonstrable SIEM experience specific t Splunk.
  • US Citizenship status and Active DoD Secret Clearance (preferred), must successfully complete the government's security process (required).

 

BENEFITS:

 

NikSoft’s competitive benefits program includes comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family.

 

 

NikSoft Systems Corp is fully committed to the concept and practice of equal opportunity and affirmative action in all aspects of employment.  NikSoft is an EOE M/F/Disability/Veteran employer. For more information about our other openings, please visit www.niksoft.com.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed