Careers - Metronome
Careers

BE A SPARK IN OUR INDUSTRY
JOIN THE METRONOME FAMILY


Every individual has unique passions, career goals, and personal values. We are here to make the connection between those and the needs of our customers. When the stars align, we welcome our new employees - or Pulsers as we like to call them - to the family. We offer competitive benefits to ensure that our Pulsers are well taken care of for whatever comes their way.


Tier 3 Content Development

Job Title
Tier 3 Content Development
Requirement ID
27407277
Location
Franconia (Walker Lane),  VA
Other Location
Description

Required Security Clearance: TS/SCI clearance and DHS EOD

Required Education: Bachelor's degree

Required Experience

  • 5+ years of professional experience

Functional Responsibility:

Metronome is seeking a Tier 3 Cyber Network Defense Analyst to join our team on a highly visible cyber security program that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff. 

The Tier 3 analyst will provide support during core business hours and will also participate in an on-call rotational schedule.

Duties include proactively searching for threats. Inspect traffic for anomalies and new malware patterns. Investigate and analyze logs. Provide analysis and response to alerts when escalated from junior analysts, and document activity in SOC investigations and Security Event Notifications (SENs). Develop custom content within the SIEM or other network security tools to detect threats and attacks against the department. Tier 3 analysts participate in briefings to provide expert guidance on new threats and will act as an escalation point for M&A analysts. The analyst may also be required to author reports and/or interface with customers for ad-hoc requests. In addition, the Tier 3 analyst may be asked to participate in discussions to make recommendations on improving SOC visibility or process.

Qualifications:

Candidates shall have a minimum of five (5) years of professional experience in security, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor Authentication, Web-filtering, and Advanced Threat Protection.

  • Experience implementing security methodologies and SOC processes
  • Extensive knowledge about network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
  • Experienced with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc).
  • Hands-on experience utilizing network security tools (e.g. Sourcefire, Suricata, Netwitness, o365, FireEye, etc) and SIEM
  • Experience training and mentoring junior analysts
  • Expertise in developing custom SPL using macros, lookups, etc.
  • Experience creating regex for pattern matching
  • Extensive knowledge of common end user and web application attacks and countermeasures against attacks
  • Experience creating SOPs and providing guidance to junior analyst
  • Ability to analyze new attacks and provide guidance to watch floor analyst on detection and response
  • Knowledgeable of the various Intel Frameworks (e.g. Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc) and able to utilize it in their analysis workflow

Preferences:

  • Experience implementing security methodologies and SOC processes
  • Experience developing custom workflows within Splunk to streamlines SOC processes
  • Knowledgeable of APTs their capabilities and experience implementing appropriate countermeasures
  • Experience in a scripting language (e.g. Python, Powershell, etc) and automating SOC processes/workflow
  • Experience with performing cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiarity with cloud threat landscape

Required Certification: One of the following below.

  • SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GCIH. 
  • EC Council: CEH, CHFI, LPT, ECSA. ISC2: CCFP, CCSP, CISSP CERT CSIH.
  • Offensive Security: OSCP, OSCE, OSWP and OSEE

Working Conditions:

Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are normally set from Monday through Friday 8:00am to 5:00pm, however some extended or weekend hours may be required. Additional details on the precise hours will be informed to the candidate from the Program Manager/Hiring Manager.

Physical Requirements:

May be required to lift and carry items weighting up to 25 lbs. Requires intermittent standing, walking, sitting, squatting, stretching, and bending throughout the work day.

Background Screening/Check/Investigation:

Successful Completion of a Background Screening/Check/Investigation will/may be required as a condition of hire.

Employment Type: Full-time / Exempt

Benefits:

Metronome offers competitive compensation, a flexible benefits package, career development opportunities that reflect its commitment to creating a diverse and supportive workplace.  Benefits include, not all inclusive – Medical, Vision & Dental Insurance, Paid Time-Off & Company Paid Holidays, Personal Development & Learning Opportunities.

Other:

An Equal Opportunity Employer:  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Metronome LLC is committed to providing reasonable accommodations to employees and applicants for employment, to assure that individuals with disabilities enjoy full access to equal employment opportunity (EEO).  Metronome LLC shall provide reasonable accommodations for known physical or mental limitations of qualified employees and applicants with disabilities, unless Metronome can demonstrate that a particular accommodation would impose an undue hardship on business operations.  Applicants requesting a reasonable accommodation may make a request by contacting us.

Required Skills

See above
Openings
1