Detection Engineer Analyst SME - Remote Opportunity

About the Role

Resource Management Concepts, Inc. (RMC) is seeking a Detection Engineer Analyst Subject Matter Expert (SME) to join our team in a remote capacity. This position plays a crucial role in supporting an active government contract, focusing on defensive cyberspace operations and Cyber Security Service Provider (CSSP) functions. As a Detection Engineer Analyst SME, you will contribute to the mission of denying, disrupting, and degrading adversaries' capabilities to attack IT services.

What You'll Do

• Develop detection use cases based on current threats, utilizing the MITRE ATT&CK framework and government directives.
• Review incident reports to fine-tune detection use cases as necessary.
• Analyze Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) incident queues to identify unnecessary events and alerts, implementing corrective actions.
• Identify gaps in logging and detection capabilities across the attack surface.
• Assist in implementing new log ingestion, ensuring proper parsing and normalization of data in SIEM/SOAR.
• Create high-fidelity correlation rules, signatures, filters, and automations while maintaining a low false-positive rate.
• Lead operations and maintenance support for an enterprise-level network.
• Write signatures (e.g., KQL/Snort/ePO/Yara) for network and host IDS/IPS.

Requirements

• Active TS/SCI (DoD TOP SECRET clearance with Sensitive Compartmented Information access) eligibility is required.
• Bachelor's degree in IT or Computer Science or 5 years of relevant experience in DCO and/or network systems and technology.
• DoD 8570 IAT Level III certification.
• DoD 8570 CSSP Analyst certification.
• 5 years of experience in developing and refining signatures, plays, policies, configurations, scripts, and indicators for identifying malicious activity.

Nice to Have

• Microsoft Cloud Security training is highly recommended.
• Experience with Microsoft Azure and Microsoft Defender XDR.
• Familiarity with Microsoft Sentinel and Ninja Training for Microsoft Defender products.

What We Offer

• Competitive salary ranging from $130,000 to $150,000 annually.
• Comprehensive paid relocation support to help you settle into your new role.
• Full-time Monday to Friday work schedule, typically not exceeding 40 hours per week.
• Generous vacation package with 11 paid federal holidays.
• High-quality, low-deductible healthcare plans and pet insurance.
• Competitive 401K package.
• Tuition assistance for further education and certifications.
• A supportive work environment that invests in your career growth.