Zeek/Bro Engineer - Subject Matter Expert
Title: Zeek/Bro Engineer/SME – US Treasury – Active Secret Clearance Required
Location: Vienna, VA, US
Are you an accomplished IT professional with experience in ZEEK?
Are you ready for the next step up in your professional career?
IT Coalition, a leading IT Consultant, has an immediate opening for a full-time ZEEK Engineer / subject matter expert (SME):
Experience in customizing configurations of deployed ZEEK sensors to maximize detection of threats against a Federal Agency's infrastructure.
Active Secret Clearance (or higher).
In this important role, you will have a premier opportunity to apply your ZEEK experience to systems supporting Department-wide security operations for the US Treasury in the DC metro area.
The position is currently telework.
Under normal conditions, the primary work location is at a metro accessible (Silver Line) location in Vienna (Tysons Corner) Virginia, with occasional travel to Government offices in downtown Washington, DC. No travel outside the DC metro area is anticipated.
If you are an experienced ZEEK engineer / SME who thrives in a high-paced, collaborative environment, then we want to hear from you!
What You'll Get to Do:
Support a major Federal Government Agency's Security Operations Center (SOC).
Work directly with the information security team leadership.
Maximize the capabilities within the Zeek framework to enhance threat detection across the Agency's networks.
Convert existing Snort Signatures over to Zeek.
Once the Zeek sensors are optimized, assist in terminating the Snort infrastructure, enabling the Agency to optimize and focus solely on Zeek.
Collaborate with the SOC Threat and Risk Team to identify new signature requirements and build new process analytic functionality.
Work with the SOC DevOps team to configure systems to perform the following:
Signature development, sensor signature configuration, signature deployment.
Protocol network flow analytic configuration & tuning.
SSL certificate detection.
Alert generation management.
Train SOC analysts to effectively monitor Zeek.
You'll Bring These Qualifications:
Must be a US citizen.
Active Secret Clearance (or higher).
Bro/Zeek engineering / support expertise.
Solid working knowledge of PulledPork and Aanval Snort management systems.
A strong understanding of common server / application protocols is highly desired.
2+ years of Linux experience and/or Linux certification.
3+ years of experience supporting a large enterprise environment.
Ideal candidates will be team players with strong interpersonal skills.
Computer & IT, Computer Security, Consulting, IT Consulting, Federal Government