BE A SPARK IN OUR INDUSTRY
JOIN THE METRONOME FAMILY
Every individual has unique passions, career goals, and personal values. We are here to make the connection between those and the needs of our customers. When the stars align, we welcome our new employees - or Pulsers as we like to call them - to the family. We offer competitive benefits to ensure that our Pulsers are well taken care of for whatever comes their way.
All applicants are required to upload a current resume for consideration of employment.
Option 2: Create a New Profile
Cyber Defense Signature Analyst
- Job Title
- Cyber Defense Signature Analyst
- Requirement ID
- Charleston, SC
- Other Location
Cyber Defense Signature Analyst
Employment Type: Full-Time
Location: Charleston, SC
Signatures and E-Policy (SeP) – IDS and IPS Analyst - SeP team develops, supports, tunes, and deploys signatures and policy solutions across various technologies on the project. SeP team performs hands-on Web Application Firewall configuration, policy fine-tuning, management, and maintenance. SeP team develops, supports, tunes, and deploys signatures for Intrusion Detection and Protection Sensors. Leverage information from partner teams to develop more robust, and comprehensive, signatures. Stay up-to-date on current malware trends, and threat actor activities, to ensure the security of the organization.
Web Application Firewall
• Engineers, configures, deploys, and maintains F5 Web Application Firewall solutions.
• Analyzes requests from subscriber sites for blocked web application traffic.
• Coordinates with subscriber sites for Web Application Firewall tuning.
• Coordinates with subscriber sites for onboarding of new Web Applications through the WAF.
• Coordinate with other teams on deployment and maintenance of F5 WAF systems.
• Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support and problem-solving
• Engineers, configures, deploys, and maintains IDS infrastructure for subscriber sites.
• Write and deploy custom Suricata and Snort style signatures.
• Analyze network traffic and IDS/IPS alerts to configure Suricata/Snort style signatures.
• Coordinate with other teams on deployment and maintenance of IDS systems.
• Authorized to update signatures and view alerts for IDS/IPS
• Authorized to view Audit Records on Central Log Server
• Overtime may be required as needed to support incident response actions (Surge)
• Up to 15% Travel may be required
• US Citizen
• Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operations.
• Experience implementing security tooling, processes, and strategies in the areas of AV endpoint protection, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Active Directory, and related technologies.
• Experience analyzing web traffic requests.
• Responsible for configuring and managing Palo Alto VM Firewalls within AWS and Azure cloud boundaries by utilizing latest automation techniques.
• Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support and problem-solving.
• Experience maintaining, deploying, tuning Web Application Firewalls.
• Experience exploiting web apps and web service security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, XML SOAP, and API attacks.
• Understanding of OWASP Risks, Vulnerabilities and Mitigation mechanisms.
• Experience analyzing network traffic with Wireshark or tcpdump.
• Responsibilities include maintaining the intrusion ruleset, optimizing detection, configuring NGFW ACLs, general device configuration and maintenance, troubleshooting the devices when needed, assisting the analyst teams with investigations, and supporting the Solution Architects with design input and recommendations.
• Experience writing and configuring Snort style IDS/IPS signatures.
• Extensive knowledge of Packet Analysis
• Extensive knowledge of IDS/IPS solutions
• Experience with log aggregation tools
• Logical thinking and analytical capabilities
• Strong oral and written communication skills
• Knowledgeable in network security procedures, best practices, and implementation.
• Practical knowledge in at least one scripting or development language. (e.g. PowerShell or Python)
• Ability to convey extremely technical concepts to audiences with varying technical understanding.
• The ability to solve problems independently or with minimal assistance.
• Expert knowledge in evaluating vendor products and making recommendations to purchase hardware and software.
• Knowledgeable in setting up administrator and service accounts.
• Associates degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline
• DoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)
o 8570 Classification IAT –II & CSSP Analyst
Background Screening/Check/Investigation: Successful Completion of a Background check will be required as a condition of hire.
Benefits: Metronome offers a comprehensive benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefit eligibility is determined on the type of position (full-time, part-time, temporary). Metronome's range of benefits include, but are not limited to, Medical, Vision & Dental Insurance, Life insurance, Paid Time-off & Company Paid Holidays, Personal Development & Learning Opportunities.
Application Process: Please follow all instructions carefully. Errors or omissions may affect your consideration for employment.
1. Select Create Profile and Apply to Requirement
2. Complete your Profile and Answer the Questionnaire
3. Upload a Current Resume
4.Complete the Online Application and Submit
Evaluation process: Metronome will evaluate applicants based on how well they meet the qualifications of the position above. Your completed application (Including questionnaire, resume and online application) will be used to determine your eligibility and how well you meet the qualifications for the position.
Your responses to the questionnaire may be compared to your resume and application; if either your resume or application contradicts or does not support your responses, you will disqualify yourself and not receive further consideration for this job.
Equal Employment Opportunity Policy
Metronome does not discriminate in employment on the basis or race, color, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.
Reasonable Accommodation Policy
Metronome is committed to providing reasonable accommodations to applicants with disabilities where appropriate. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, preform job duties or receive equal access to job benefits.
Applicants requiring reasonable accommodation for any part of the application process or hiring process should contact Metronome Human Resources at firstname.lastname@example.org or 703-957-4082. Determinations on requests for reasonable accommodation will be made on a case-by-case-basis.
- Required Skills