BE A SPARK IN OUR INDUSTRY
JOIN THE METRONOME FAMILY
Every individual has unique passions, career goals, and personal values. We are here to make the connection between those and the needs of our customers. When the stars align, we welcome our new employees - or Pulsers as we like to call them - to the family. We offer competitive benefits to ensure that our Pulsers are well taken care of for whatever comes their way.
Tier 3 Content Development
- Job Title: Tier 3 Content Development
- Requirement ID
- Franconia (Walker Lane), VA
- Other Location
Employment Type: Full-time
Required Security Clearance: TS/SCI clearance and DHS EOD
Required Education: Bachelor's degree
5+ years of professional experience
Metronome is seeking a Tier 3 Cyber Network Defense Analyst to join our team on a highly visible cyber security program that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff.
The Tier 3 analyst will provide support during core business hours and will also participate in an on-call rotational schedule.
Duties include proactively searching for threats, inspecting traffic for anomalies and new malware patterns, and investigating and analyzing logs. The analyst provides analysis and response to alerts escalated from junior analysts and documents activity in SOC investigations and Security Event Notifications (SENs). The analyst also develops custom content within the SIEM or other network security tools to detect threats and attacks against the department. Tier 3 analysts participate in briefings to provide expert guidance on new threats and act as an escalation point for M&A analysts. The analyst may also be required to author reports and/or interface with customers for ad-hoc requests. In addition, the Tier 3 analyst may be asked to participate in discussions to make recommendations on improving SOC visibility or process.
Candidates shall have a minimum of five (5) years of professional experience in security, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor Authentication, Web-filtering, and Advanced Threat Protection.
- Experience implementing security methodologies and SOC processes
- Extensive knowledge of network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
- Experience with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc.)
- Hands-on experience utilizing network security tools (e.g. Sourcefire, Suricata, Netwitness, o365, FireEye, etc.) and SIEM
- Experience training and mentoring junior analysts
- Expertise in developing custom SPL using macros, lookups, etc.
- Experience creating regex for pattern matching
- Extensive knowledge of common end user and web application attacks and countermeasures against attacks
- Experience creating SOPs and providing guidance to junior analysts
- Ability to analyze new attacks and provide guidance to watch floor analysts on detection and response
- Knowledgeable of the various Intel Frameworks (e.g. Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc.) and able to utilize them in their analysis workflow
- Experience developing custom workflows within Splunk to streamline SOC processes
- Knowledgeable of APTs and their capabilities, and experience implementing appropriate countermeasures
- Experience in a scripting language (e.g. Python, PowerShell, etc.) and automating SOC processes/workflow
- Experience with performing cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiarity with cloud threat landscape
Required Certification: One of the following:
- SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GCIH.
- EC Council: CEH, CHFI, LPT, ECSA
- ISC2: CCFP, CCSP, CISSP
- CERT CSIH
- Offensive Security: OSCP, OSCE, OSWP and OSEE
Work Schedule: Core Hours
Background Screening/Check/Investigation: Successful Completion of a Background Check will be required as a condition of hire.
Benefits: Metronome offers a comprehensive benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefit eligibility is determined by the type of position (full-time, part-time, temporary). Metronome’s range of benefits includes, but is not limited to, Medical, Vision & Dental Insurance, Life Insurance, Paid Time-Off & Company Paid Holidays, Personal Development & Learning Opportunities.
Application Process: Please follow all instructions carefully. Errors or omissions may affect your consideration for employment.
- Select Create Profile and Apply to Requirement
- Complete your Profile and Answer the Questionnaire
- Upload a current resume
- Complete the Online Application and Submit
Evaluation Process: Metronome will evaluate applicants based on how well they meet the qualifications of the position above. Your completed application (including questionnaire, resume, and online application) will be used to determine your eligibility and how well you meet the qualifications for this position.
Your responses to the questionnaire may be compared to your resume and application; if either your resume or application contradicts or does not support your responses, you will disqualify yourself and not receive further consideration for this job.
Equal Employment Opportunity Policy
Metronome does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.
Reasonable Accommodation Policy
Metronome is committed to providing reasonable accommodations to applicants with disabilities where appropriate. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits.
Applicants requiring reasonable accommodation for any part of the application process or hiring process should contact Metronome Human Resources at email@example.com or 703-957-4082. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.