Professional Services Engineer - TS/SCI - Full Poly

DMV area (DC, Maryland, Virginia)
Full-time, Senior, Cybersecurity

Description

In this role, you will prepare and validate equipment configurations for new installations, develop anomaly and hunt detection content, and assess the health of Corelight infrastructure at client sites. You'll help customers improve their cybersecurity posture, investigate incidents, and educate them on the use of Zeek logs and Suricata alerts. You will also design technical solutions with ecosystem partners and implement queries in SIEMs.

Requirements

  • TS/SCI clearance with CI Polygraph
  • Strong networking and security background
  • Experience working independently and being results-driven
  • Knowledge of Corelight, Zeek, Suricata, and related tools
  • Experience with SIEMs and back-end tools like Kafka and Logstash

Responsibilities

  • Help customers improve cybersecurity posture with a focus on process optimization
  • Investigate incidents and educate customers on the use of Zeek logs and Suricata alerts
  • Design and implement technical solutions with ecosystem partners
  • Implement queries and dashboards in SIEMs (Splunk, Elastic, Humio)
  • Develop custom content for threat hunting and playbooks for SOC/IR automation