TS Cyber Tools Engineer

Job Description Insight Global is seeking a Network Defense Engineer to support a large government customer. This person will be responsible for building out tools using technologies such as Elastic, Palo Alto and Crowdstrike.

Additional Responsibilities include:

Key Responsibilities

• Serve as the primary Subject Matter Expert (SME) for all aspects of the Continuous Network Defense cybersecurity tools in accordance with all applicable DoD Instructions (DoDI), policies and regulations.
• Utilize Tenable and Nessus to perform regularly scheduled discovery and vulnerability scans, provide analysis of results, and development mitigation strategies to reduce overall risk surface.
• Manage Trellix ePO and deploy endpoint products such as ENS, PA, DLP, etc., to implement and enforce endpoint security policies in accordance with response to and mitigation of potential threats.
• Implementation of ForeScout policies for Comply-To-Connect (C2C) initiative, to ensure continuous compliance and quarantining of unauthorized, noncompliant devices.
• Monitoring of Cortex Xpanse to identify and assess external-facing assets and responding to alerts with the corrective action to mitigate the findings.
• Ensure continuous data flow is active for the Continuous Monitoring and Risk Scoring (CMRS) DoD system, including endpoint security data (Trellix), vulnerability and flaw remediation (Tenable), and security compliance data (ForeScout).
• Configuration, modification and deployment of security policies on Cisco Firepower Management Console (FMC) to ensure intrusion prevention (IPS) is enforced at the network security level.
• Utilize and validate DNS and DHCP data within Infoblox, monitoring for anomalous records, unauthorized entries, and removal of duplicate records.
• Implementation of AD Audit Engine to detect and investigate anomalous, malicious or malformed activity within Active Directory, to identify potential insider threats and/or compromised accounts.
• Conduct threat hunts and active/passive reconnaissance using network traffic analysis, heuristic analysis, and cybersecurity data analysis to identify and mitigate indicators of compromise (IoC), misconfigured systems, and advanced persistent threat actors (APTs).

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review

Insight Global's Workforce Privacy Policy:

https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements Active Top Secret or TS/SCI Active IAT III Certification 10+ Years of Experience in a Cyber Security role 5+ Years of Experience building out vulnerability detection tools within a DoD Environment 5+ Years of Experience with Elastic Search and/or Splunk