Job Listings


Here are our current job openings. Please click on the job title for more information, and apply from that page if you are interested.


Search Results Page 3 of 14

Sev1Tech is seeking an experienced Deputy Program Manager to perform a leadership role on a large, mission-enabling nationwide team providing network infrastructure, platform, systems, application, and cybersecurity services for a federal customer. The role encompasses a wide range of tasks including but not limited to Program Management Organization (PMO) functions, Monitoring & Analysis, as well as Incident Response functions that include cybersecurity, Network Infrastructure (Tier 3), and Field Engineering Technical Services.

Responsibilities include but are not limited to:
- Perform Deputy Program Management functions including guidance and oversight to other managers
- Engage with senior customer leadership regarding program priorities, technical, and resource issues
- Assist in the establishment, staffing, and running of a Program Management Organization (PMO) providing the following types of services:
  - Knowledge Management
  - Doctrine, Policy, Planning, & SOP Development Support
  - Service Catalog, Relationship & Services Management Practices
  - Communications Support
  - Project Management Support
  - Continuous Service Improvement Program
  - Performance and Investment Metrics
  - Capability Test, Training, and Exercise Program
  - Data Call and Data Acquisition Support
  - Cybersecurity Services Provider Program Support
- Apprise the Senior Program Manager of both progress and risks
- Ensure timely high-quality products to senior level customers
- Ensure rapid response to ad hoc requests for information from customers
ID
2024-7902
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is seeking a Configuration, Change, and Release Manager with extensive knowledge and experience in configuration, change and release management to develop a consolidated approach to each of these important processes. The candidate will assess the current approach in the customer environment, propose a strategy and roadmap to consolidate into one program covering the full scope of NOSC/NCCS, and, based on customer approval, lead the transition to the approved strategy. The candidate will manage a core team responsible for implementing enhanced, standard processes within the overall governance structure of the customer.

For Configuration Management:
- Establish and maintain configuration management processes to track and control changes to software, hardware, and documentation
- Define and manage configuration items, ensuring accurate and up-to-date configuration baselines
- Conduct audits to verify compliance with configuration management policies

For Change Management:
- Develop and implement change management processes to ensure smooth transitions and minimize disruptions
- Evaluate and approve/reject change requests, considering potential impacts on systems and workflows
- Collaborate with stakeholders to communicate changes and manage expectations

For Release Management:
- Plan and coordinate releases, ensuring timely and efficient deployment
- Work closely with engineering and operations teams to schedule release activities
- Monitor release progress, address issues, and provide post-release support
ID
2024-7901
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is seeking a Configuration, Change, and Release Manager with extensive knowledge and experience in configuration, change and release management to develop a consolidated approach to each of these important processes. The candidate will assess the current approach in the customer environment, propose a strategy and roadmap to consolidate into one program covering the full scope of NOSC/NCCS, and, based on customer approval, lead the transition to the approved strategy. The candidate will manage a core team responsible for implementing enhanced, standard processes within the overall governance structure of the customer.

For Configuration Management:
- Establish and maintain configuration management processes to track and control changes to software, hardware, and documentation
- Define and manage configuration items, ensuring accurate and up-to-date configuration baselines
- Conduct audits to verify compliance with configuration management policies

For Change Management:
- Develop and implement change management processes to ensure smooth transitions and minimize disruptions
- Evaluate and approve/reject change requests, considering potential impacts on systems and workflows
- Collaborate with stakeholders to communicate changes and manage expectations

For Release Management:
- Plan and coordinate releases, ensuring timely and efficient deployment
- Work closely with engineering and operations teams to schedule release activities
- Monitor release progress, address issues, and provide post-release support
ID
2024-7900
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for a System and Tool Administration Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Specifically, we're looking for a System/Tool Administration Lead to administer core tools that will be used for management and operations.

Responsibilities include but are not limited to:
- Implement, configure, maintain, and operate Government furnished network, cybersecurity, and systems management software applications, dashboard applications, and hardware appliances
- Develop, integrate, manage, and maintain monitoring tools and dashboards (e.g., system and application monitoring software, AWS Dashboards, Azure Dashboards)
- Provide recommendations regarding new tools and services that can be integrated into NOSC operations and regarding decommissioning of obsolete tools and services
- Conduct 24x7x365 cybersecurity, network, system, enclave, and cloud management monitoring and analysis operations, including Enterprise and NOSC dashboards
- Apply various anti-virus, intrusion detection, and vulnerability assessment tools, techniques, and procedures
- Provide support for configuration of Forensic and Log Management tools in support of identifying rogue and malicious software and suspicious and unapproved activities
- Assist in the administration of incident tracking tools and in training personnel in the use of those tools
- Maintain a cyber incident dashboard, update as incident status changes, and provide continuous management updates
- Support content development and updates to Enterprise NOSC dashboards
- Ensure that tool licenses and maintenance agreements are tracked and projections for license expirations are continuously maintained for a minimum of twelve (12) months into the future
- Assist the Government in generating communications to applicable stakeholders regarding cyber risk management, developing, and managing a holistic risk management dashboard to provide senior management a near real-time visual representation of cyber risks
- Support troubleshooting network problems by providing technical support associated with new or revised hardware or software installations
- Support coordination of new Homeland Security Enterprise Network (HSEN) connections including direct links with other agencies
ID
2024-7899
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is looking for a System and Tool Administration Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Specifically, we're looking for a System/Tool Administration Lead to administer core tools that will be used for management and operations.

Responsibilities include but are not limited to:
- Implement, configure, maintain, and operate Government furnished network, cybersecurity, and systems management software applications, dashboard applications, and hardware appliances
- Develop, integrate, manage, and maintain monitoring tools and dashboards (e.g., system and application monitoring software, AWS Dashboards, Azure Dashboards)
- Provide recommendations regarding new tools and services that can be integrated into NOSC operations and regarding decommissioning of obsolete tools and services
- Conduct 24x7x365 cybersecurity, network, system, enclave, and cloud management monitoring and analysis operations, including Enterprise and NOSC dashboards
- Apply various anti-virus, intrusion detection, and vulnerability assessment tools, techniques, and procedures
- Provide support for configuration of Forensic and Log Management tools in support of identifying rogue and malicious software and suspicious and unapproved activities
- Assist in the administration of incident tracking tools and in training personnel in the use of those tools
- Maintain a cyber incident dashboard, update as incident status changes, and provide continuous management updates
- Support content development and updates to Enterprise NOSC dashboards
- Ensure that tool licenses and maintenance agreements are tracked and projections for license expirations are continuously maintained for a minimum of twelve (12) months into the future
- Assist the Government in generating communications to applicable stakeholders regarding cyber risk management, developing, and managing a holistic risk management dashboard to provide senior management a near real-time visual representation of cyber risks
- Support troubleshooting network problems by providing technical support associated with new or revised hardware or software installations
- Support coordination of new Homeland Security Enterprise Network (HSEN) connections including direct links with other agencies
ID
2024-7898
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for a Cloud Operations Analyst to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks including but not limited to: Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; Field Engineering technical support; and Cloud operations.

Specifically, we’re seeking a Cloud Operations Analyst to provide Cloud, Platform, and System Operations Services to the Department of Homeland Security (DHS).

Responsibilities include but are not limited to:
- Manage, optimize, and troubleshoot issues for DHS’s cloud compute, storage, and application hosting platforms, and for all other platforms, systems, and applications that comprise the HSEN, including troubleshooting of connectivity, latency, degraded performance, or unavailability issues
- Monitor and analyze cloud computing statistics and systems using CSP statistical feeds (e.g., Amazon Web Services; Microsoft Azure) and monitoring tool alert captures (e.g., Dynatrace) to determine possible points of failure and work with both IT Operations Cloud Computing Tier 2 Team, OCIO Solution Development Directorate (SDD) Cloud Tier 3 Teams, and other stakeholders, and recommend modifications to cloud-based environments and configurations to avoid or remediate unscheduled outages
- Conduct real-time (when possible, based on tools) monitoring and triaging of security alerts from SIEM, System, Network Appliance (Firewalls, IDS, etc.), Cloud Service (AWS, Azure, IBM, etc.), email (Microsoft Office 365), and Endpoint (including Endpoint Detection and Response Solutions (EDR)) systems
- Monitor voice (phone) and electronic (email) and other sources designated by the Government for notification of network and cloud incidents, outages, and service degradations involving network services, CSP environments, Mission Essential Systems (MES) hosted in data centers and cloud environments, or DHS Component entities
ID
2024-7897
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is looking for a Cloud Operations Analyst to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks including but not limited to: Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; Field Engineering technical support; and Cloud operations.

Specifically, we’re seeking a Cloud Operations Analyst to provide Cloud, Platform, and System Operations Services to the Department of Homeland Security (DHS).

Responsibilities include but are not limited to:
- Manage, optimize, and troubleshoot issues for DHS’s cloud compute, storage, and application hosting platforms, and for all other platforms, systems, and applications that comprise the HSEN, including troubleshooting of connectivity, latency, degraded performance, or unavailability issues
- Monitor and analyze cloud computing statistics and systems using CSP statistical feeds (e.g., Amazon Web Services; Microsoft Azure) and monitoring tool alert captures (e.g., Dynatrace) to determine possible points of failure and work with both IT Operations Cloud Computing Tier 2 Team, OCIO Solution Development Directorate (SDD) Cloud Tier 3 Teams, and other stakeholders, and recommend modifications to cloud-based environments and configurations to avoid or remediate unscheduled outages
- Conduct real-time (when possible, based on tools) monitoring and triaging of security alerts from SIEM, System, Network Appliance (Firewalls, IDS, etc.), Cloud Service (AWS, Azure, IBM, etc.), email (Microsoft Office 365), and Endpoint (including Endpoint Detection and Response Solutions (EDR)) systems
- Monitor voice (phone) and electronic (email) and other sources designated by the Government for notification of network and cloud incidents, outages, and service degradations involving network services, CSP environments, Mission Essential Systems (MES) hosted in data centers and cloud environments, or DHS Component entities
ID
2024-7896
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for a Vulnerability Analyst/PenTester Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Responsibilities include but are not limited to:
- Conduct Vulnerability Assessment scans for Headquarters and Subscriber systems and networks to identify potential computer security vulnerabilities, risks, and threats
- Operate and maintain assessments and the resulting Vulnerability Assessment data and reports
- Support the NOSC enclave, HSEN, and Redundant TICs through the conduct of scheduled and ad-hoc vulnerability assessment scanning
- Scanning shall include:
  - Host-based and vulnerability assessments
  - Network vulnerability assessments
  - Database vulnerability assessments
  - Web-based vulnerability assessments
  - Cloud-based vulnerability assessments
- Employ ad-hoc or emergency vulnerability scanning to support targeted incident investigation, escalation, and emergency response to security events in accordance with documented procedures
- Coordinate with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
- Conduct High Value Asset assessments and penetration tests and conduct or assist with penetration tests as requested by Components, System Owners, Information System Security Managers, or Information System Security Officers in support of Security Controls Assessments, continuous monitoring, and FISMA requirements
- Provide penetration testing summary reports, in accordance with the signed Rules of Engagement (ROE) document, to the appropriate System Owner/ISSM/ISSO, Government lead, DHS Program Manager and document the findings
- Prepare and submit security testing Rules of Engagement (ROE) for High Value Assets (HVA), Internal & External Threat Assessments, prior to conducting penetration testing and ensure that the ROE provide the operational security controls to protect both the system and network
ID
2024-7895
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is looking for a Vulnerability Analyst/PenTester Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Responsibilities include but are not limited to:
- Conduct Vulnerability Assessment scans for Headquarters and Subscriber systems and networks to identify potential computer security vulnerabilities, risks, and threats
- Operate and maintain assessments and the resulting Vulnerability Assessment data and reports
- Support the NOSC enclave, HSEN, and Redundant TICs through the conduct of scheduled and ad-hoc vulnerability assessment scanning
- Scanning shall include:
  - Host-based and vulnerability assessments
  - Network vulnerability assessments
  - Database vulnerability assessments
  - Web-based vulnerability assessments
  - Cloud-based vulnerability assessments
- Employ ad-hoc or emergency vulnerability scanning to support targeted incident investigation, escalation, and emergency response to security events in accordance with documented procedures
- Coordinate with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
- Conduct High Value Asset assessments and penetration tests and conduct or assist with penetration tests as requested by Components, System Owners, Information System Security Managers, or Information System Security Officers in support of Security Controls Assessments, continuous monitoring, and FISMA requirements
- Provide penetration testing summary reports, in accordance with the signed Rules of Engagement (ROE) document, to the appropriate System Owner/ISSM/ISSO, Government lead, DHS Program Manager and document the findings
- Prepare and submit security testing Rules of Engagement (ROE) for High Value Assets (HVA), Internal & External Threat Assessments, prior to conducting penetration testing and ensure that the ROE provide the operational security controls to protect both the system and network
ID
2024-7894
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is seeking a Senior Knowledge Management Specialist to provide knowledge management and process improvement expertise. The successful candidate will be responsible for coordinating the knowledge management program, including developing and implementing knowledge management processes and procedures, and providing guidance and training to personnel.

Responsibilities include but are not limited to:
- Spearheading an assessment of existing customer Knowledge Management practices and the as-is environment
- Knowledge Organization and Classification: Define and implement knowledge taxonomy/ontology and metadata tagging systems to organize and categorize knowledge assets
- Ensure consistency and accuracy in knowledge classification
- Analyze knowledge management solutions and aid in the selection of the best software solution
- Implement efficient search and retrieval mechanisms to access knowledge
- Lead discovery of current knowledge artifacts, systems, and architecture
- Develop and implement knowledge-sharing platforms, communities of practice, and training programs
- Knowledge Strategy Development: Develop a comprehensive knowledge management strategy aligned with the organization's goals and objectives
- Knowledge Capture and Creation: Work with subject matter experts to identify, capture, and document tacit and explicit knowledge
- Facilitate knowledge creation through workshops, interviews, and collaboration platforms
- Knowledge Storage and Retrieval: Establish and maintain a centralized repository for knowledge assets, including documents, databases, and multimedia content
- Knowledge Dissemination and Sharing: Promote a culture of knowledge sharing and collaboration within the organization
- Knowledge Performance Metrics: Define Key Performance Indicators (KPIs) and generate reports to measure the effectiveness of knowledge management initiatives
ID
2024-7893
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is seeking a Senior Knowledge Management Specialist to provide knowledge management and process improvement expertise. The successful candidate will be responsible for coordinating the knowledge management program, including developing and implementing knowledge management processes and procedures, and providing guidance and training to personnel.

Responsibilities include but are not limited to:
- Spearheading an assessment of existing customer Knowledge Management practices and the as-is environment
- Knowledge Organization and Classification: Define and implement knowledge taxonomy/ontology and metadata tagging systems to organize and categorize knowledge assets
- Ensure consistency and accuracy in knowledge classification
- Analyze knowledge management solutions and aid in the selection of the best software solution
- Implement efficient search and retrieval mechanisms to access knowledge
- Lead discovery of current knowledge artifacts, systems, and architecture
- Develop and implement knowledge-sharing platforms, communities of practice, and training programs
- Knowledge Strategy Development: Develop a comprehensive knowledge management strategy aligned with the organization's goals and objectives
- Knowledge Capture and Creation: Work with subject matter experts to identify, capture, and document tacit and explicit knowledge
- Facilitate knowledge creation through workshops, interviews, and collaboration platforms
- Knowledge Storage and Retrieval: Establish and maintain a centralized repository for knowledge assets, including documents, databases, and multimedia content
- Knowledge Dissemination and Sharing: Promote a culture of knowledge sharing and collaboration within the organization
- Knowledge Performance Metrics: Define Key Performance Indicators (KPIs) and generate reports to measure the effectiveness of knowledge management initiatives
ID
2024-7892
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 3 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Coordinate troubleshooting with other Tier 3 engineers as needed
- Coordinate with product vendors as needed, communicating issues needing priority vendor attention and support
- Escalate issues to program leadership as needed
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
ID
2024-7891
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 3 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Coordinate troubleshooting with other Tier 3 engineers as needed
- Coordinate with product vendors as needed, communicating issues needing priority vendor attention and support
- Escalate issues to program leadership as needed
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
ID
2024-7890
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 2 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Escalate issues requiring additional, higher-level field engineering support (Tier 3)
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
- Collaborate with customer/company and colleagues, and other resources to gain a better understanding of the issue(s) to be resolved
- Effectively manage time to respond to service calls in a timely fashion
- Complete intermediate installations and perform system test procedures
- Troubleshoot and resolve issues that cannot be solved remotely
- Perform smaller scale moves, adds, or changes of clients' equipment as needed
- Prepare for on-site installations by reviewing site requirements
- Obtain software and review relevant documentation prior to visiting customer sites
- Stage the installation and upgrades in a lab environment prior to the site visit when necessary
- Perform implementation of software and hardware solutions; integrating with the customer's network and equipment
- Troubleshoot and resolve technical issues as they occur
- Provide basic system administration training to technical users
ID
2024-7889
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 2 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Escalate issues requiring additional, higher-level field engineering support (Tier 3)
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
- Collaborate with customer/company and colleagues, and other resources to gain a better understanding of the issue(s) to be resolved
- Effectively manage time to respond to service calls in a timely fashion
- Complete intermediate installations and perform system test procedures
- Troubleshoot and resolve issues that cannot be solved remotely
- Perform smaller scale moves, adds, or changes of clients' equipment as needed
- Prepare for on-site installations by reviewing site requirements
- Obtain software and review relevant documentation prior to visiting customer sites
- Stage the installation and upgrades in a lab environment prior to the site visit when necessary
- Perform implementation of software and hardware solutions; integrating with the customer's network and equipment
- Troubleshoot and resolve technical issues as they occur
- Provide basic system administration training to technical users
ID
2024-7888
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The program will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. Sev1Tech seeks a Lead Content Developer/Cyber Threat Detection Developer, utilizing Splunk Enterprise Services or other SIEM tools to proactively research and then apply custom detection capabilities from disparate data sources such as: cyber threat intelligence, vulnerability data, campaign and indicators of compromise. These threat detection data types will be used to develop custom security, engineering, and/or applicable dashboards; validate existing and/or create new correlation rules and alerts, as well as validate the index sources of the SIEM to ensure a thorough defense in depth for the enterprise.
Responsibilities include but are not limited to: - Analyze data feeds and event logs - Correlate the results with known threats, vulnerabilities, and incidents - Create new security content and updates to Enterprise NOSC dashboards - Develop, disseminate, and implement new security content such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) correlation rules and cyber threat indicators - Participate in briefings to provide expert guidance on new threats and act as an escalation point for cyber analysts and engineering leads - Author reports and/or interface with customers for ad-hoc requests - Participate in discussions to make recommendations on improving NOSC cyber visibility, process improvements, and reducing the incident remediation period - Investigate and analyze all logs available within the SIEM, document workflows, and identify process improvements in the handling and remediation of cyber security events - Leverage deep understanding of how to develop custom content within the Splunk SIEM using advanced SPL language and data models or other network security tools to detect threats and attacks - Capture use cases from subscribers or other team members to develop custom correlation rule(s), validate and/or create new dashboard(s) and validate all index sources for applicability within the Splunk environment - Utilize knowledge of latest cyber threats and attack vectors to develop and/or maintain custom Splunk correlation rules from all indexed sources to support continuous event monitoring and alerting - Develop, manage, and maintain Splunk data models - Review all existing network event sources to determine if relevant data is present and make technical recommendations to remediate any missing log components - Review and/or suggest new log and event index types as new devices are brought into the enterprise network - Develop custom regex to create custom knowledge objects - Develop custom SPL using macros, lookups, etc., and network security signatures such as SNORT, YARA and Zeek - Develop custom dashboards and reports for customer stakeholders - Train and mentor junior staff
ID
2024-7887
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The program will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. Sev1Tech seeks a Lead Content Developer/Cyber Threat Detection Developer, utilizing Splunk Enterprise Services or other SIEM tools to proactively research and then apply custom detection capabilities from disparate data sources such as: cyber threat intelligence, vulnerability data, campaign and indicators of compromise. These threat detection data types will be used to develop custom security, engineering, and/or applicable dashboards; validate existing and/or create new correlation rules and alerts, as well as validate the index sources of the SIEM to ensure a thorough defense in depth for the enterprise.
Responsibilities include but are not limited to: - Analyze data feeds and event logs - Correlate the results with known threats, vulnerabilities, and incidents - Create new security content and updates to Enterprise NOSC dashboards - Develop, disseminate, and implement new security content such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) correlation rules and cyber threat indicators - Participate in briefings to provide expert guidance on new threats and act as an escalation point for cyber analysts and engineering leads - Author reports and/or interface with customers for ad-hoc requests - Participate in discussions to make recommendations on improving NOSC cyber visibility, process improvements, and reducing the incident remediation period - Investigate and analyze all logs available within the SIEM, document workflows, and identify process improvements in the handling and remediation of cyber security events - Leverage deep understanding of how to develop custom content within the Splunk SIEM using advanced SPL language and data models or other network security tools to detect threats and attacks - Capture use cases from subscribers or other team members to develop custom correlation rule(s), validate and/or create new dashboard(s) and validate all index sources for applicability within the Splunk environment - Utilize knowledge of latest cyber threats and attack vectors to develop and/or maintain custom Splunk correlation rules from all indexed sources to support continuous event monitoring and alerting - Develop, manage, and maintain Splunk data models - Review all existing network event sources to determine if relevant data is present and make technical recommendations to remediate any missing log components - Review and/or suggest new log and event index types as new devices are brought into the enterprise network - Develop custom regex to create custom knowledge objects - Develop custom SPL using macros, lookups, etc., and network security signatures such as SNORT, YARA and Zeek - Develop custom dashboards and reports for customer stakeholders - Train and mentor junior staff
ID
2024-7886
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for a Forensics/Malware Analyst SME to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. We're looking for a Forensics/Malware Analyst SME to conduct malware investigations and operations. Candidates will apply their technical and professional skill sets to examine malware from various sources and perform appropriate analysis to improve cyber incident responses. Responsibilities include but are not limited to: - Conduct malware investigations and operations - Examine submitted malware from cyber incident reporting and other sources - Perform forensic analysis of digital information and gather methods, indicators of compromise (IOC), evidence of Advanced Persistent Threat (APT) threat actors, trends, and mitigations - Leverage scanning tools (e.g., VirusTotal) to conduct suspicious file scanning, performing queries, pivoting on indicators, and malware analysis on characteristics (Message-Digest Algorithm 5 (MD5), Secure Hash Algorithm 1 (SHA1), file size, file name, file paths, etc.) - Use forensically sound procedures to identify network computer intrusion evidence and identify perpetrators - Contribute to cyber incident responses and other DoD Defense Industrial Base Collaborative Information Sharing Environment (DCISE) products - Contribute to the general knowledge base of intelligence used to develop or enhance tools - Provide guidance and direction to junior analysts
ID
2024-7885
Location
US-MS-Stennis
Security Clearance
Public Trust
Sev1Tech is looking for a Forensics/Malware Analyst SME to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. We're looking for a Forensics/Malware Analyst SME to conduct malware investigations and operations. Candidates will apply their technical and professional skill sets to examine malware from various sources and perform appropriate analysis to improve cyber incident responses. Responsibilities include but are not limited to: - Conduct malware investigations and operations - Examine submitted malware from cyber incident reporting and other sources - Perform forensic analysis of digital information and gather methods, indicators of compromise (IOC), evidence of Advanced Persistent Threat (APT) threat actors, trends, and mitigations - Leverage scanning tools (e.g., VirusTotal) to conduct suspicious file scanning, performing queries, pivoting on indicators, and malware analysis on characteristics (Message-Digest Algorithm 5 (MD5), Secure Hash Algorithm 1 (SHA1), file size, file name, file paths, etc.) - Use forensically sound procedures to identify network computer intrusion evidence and identify perpetrators - Contribute to cyber incident responses and other DoD Defense Industrial Base Collaborative Information Sharing Environment (DCISE) products - Contribute to the general knowledge base of intelligence used to develop or enhance tools - Provide guidance and direction to junior analysts
ID
2024-7884
Location
US-AZ-Chandler
Security Clearance
Public Trust
Sev1Tech is looking for a Cyber Threat Hunter to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. The Department of Homeland Security (DHS), Network Operations Security Center (NOSC) Cyber is a US Government program responsible for preventing, identifying, containing and eradicating cyber threats to DHS networks through monitoring, intrusion detection and protective security services to DHS information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The NOSC Cyber is responsible for the overall security of DHS Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. Sev1Tech seeks a Cyber Threat Hunter to join our NOSC Cyber Team. The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
Responsibilities include but are not limited to: - Manage all aspects of the Cyber-Threat Hunt lifecycle, including creation and improvement of enterprise-specific Threat Models and threat hypotheses, plan and scope Threat Hunt campaigns, missions, and activities against a variety of threat types and identify enterprise defense gaps and propose potential mitigation activities - Perform Cyber-Threat Hunt missions by identifying and investigating patterns and anomalies in data, suspicious network activities, including access from Outside the Continental United States (OCONUS) or utilization of non-standard credentials, anomalous or suspicious telemetry, and other Cyber Threat Intelligence - Proactively search networks to detect and isolate advanced cybersecurity threats that evade in-place security solutions - Regularly perform advanced analysis and adversary hunting activities to proactively uncover evidence of adversary presence on DHS networks - Follow incident response procedures for detected insider threat activity - Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations - Author, update, and maintain SOPs, playbooks, work instructions - Utilize Threat Intelligence and Threat Models to create threat hypotheses - Plan and scope Threat Hunt Missions to verify threat hypotheses - Proactively and iteratively search through systems and networks to detect advanced threats - Analyze host, network, and application logs in addition to malware and code - Prepare and report risk analysis and threat findings to appropriate stakeholders - Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation - Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise
ID
2024-7883
Location
US-MS-Stennis
Security Clearance
Public Trust
