Threat Detection Specialist

DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public health, performance evaluation, and health operations solve the complex problems faced by civilian and military customers alike by leveraging advanced tools – including digital transformation, artificial intelligence, data analytics, cloud enablement, modeling, and simulation, and more. With over 3,200 employees dedicated to the idea that “Your Mission is Our Passion,” DLH brings a unique combination of government sector experience, proven methodology, and unwavering commitment to innovation to improve the lives of millions.

Overview:

As a Threat Detection Specialist, you will be responsible for the creation, development, and the evolution of detection logic. You will work closely with the SOC floor to help improve the performance and efficacy of detection logic. You will be researching TTPs and the threat landscape and translating that research into high quality custom detections. 

Responsibilities:

• Use Network and Host Based data to drive detection, monitoring, and response capabilities.
• Create detection analytics based off the MITRE ATT&CK Framework and other security frameworks.
• Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs).
• Overtime may be required as needed to support incident response actions (Surge).
• Up to 15% Travel may be required.

Qualifications:

• Must be a US Citizen.
• At least 3 years of experience performing Incident Response, Forensics, Malware Analysis, or Penetration Testing
• At least 3 years of experience performing analysis or threat hunting with Windows Event logs, Sysmon, and/or Linux logs.
• At least 3 years of experience using a Log Aggregator 
• Minimum Secret Clearance required with upgrade to TS-SCI 

Preferred Qualifications: 

• At least 3 years of experience with performing analysis, threat hunting, or building detection in Splunk.
• At least 3 years of experience threat hunting or performing Incident Response in an EDR.
•  Strong written and verbal communication skills.
•  Strong understanding of network level protocols
• Low level Operating System understanding (Windows/Linux internals).
• Ability to perform basic static Malware Analysis 

Required Certifications: 

• DoD 8570 and CNDSP IR compliant certifications  

Benefits: DLH Corp offers our employees an excellent benefits package including - Personal Time Off (PTO), medical, dental, vision, supplemental life with AD&D, short and long-term disability, flexible spending accounts, parental leave, legal services and more. We want our employees to save for their future, therefore we offer a 401(k) Retirement Plan, which includes a matching component. DLH is dedicated to your career development, providing training to help drive success, with access to our best-in-class e-Learning suite for formal and informal learning, professional and technical certification preparation, and education assistance at accredited institutions.