R&D Engineer - Threat Engineer

R&D Engineer - Threat Engineer
Location: Remote East Coast United States

US Citizenship Required
A TS/SCI Security Clearance is required

Conquest Cyber, a BlueVoyant Company, understands that our enemies are not simply amateur hackers, but highly motivated, well-funded nation states and criminal organizations. By targeting our nation’s defense and critical infrastructure sectors, cyber-attacks threaten to disrupt the way we live. This is where we sit – at the forefront of this quiet and distributed conflict to ensure cyber resiliency for the sectors critical to our way of life. At Conquest Cyber we build adaptive risk management programs where innovation is most needed, the sectors that protect our way of life. Be part of a world class team, enjoy the challenges and rewards of working with some of the leading U.S. agencies and companies, protect assets that are vital to our society.  

Job Description:

Conquest Cyber is looking for a Threat Engineer to join our talented Center of Excellence team. This team is responsible for leading the development and implementation of automation strategies to improve the efficiency and effectiveness of our MDR Module and supporting artificial intelligence in our Cyber Defender Platform.

Responsibilities:

• Collaborate with R&D engineering team members to develop, build, track, and maintain operational systems, projects and tools. 
• Support R&D projects, adhering to project timelines and milestones. 
• Contribute to the creation of prototypes, proof-of-concepts and innovative solutions what align with industry best practices. 
• Assist in testing and evaluations of developed solutions to validate performance and effectiveness. 
• Document research findings and technical best practices to improve future product development. 
• Assist with root cause analysis on mature product issues
• Remain up to date on Microsoft technologies, API’s and offerings that can enhance our solutions and product value to client 
• Develop custom signatures, custom analytics rules, and assess threat data from different sources.
• Process, organize, analyze, and assist in contextualization of incident indicators
• Act as subject matter expert for emerging trends in the cyber threat landscape
• Conduct threat hunting and cyber incident response

Requirements:

• Be a self-starter who is able to manage their time and work effectively.
• Familiarity with the MITRE ATT&CK and D3FEND Frameworks as well as Lockheed Cyber Kill Chain
• A working knowledge and understanding of Kusto Query Language (KQL) 
• Working knowledge of Azure, Azure Sentinel, Azure Monitor, and Microsoft Defender 
• Excellent written, oral communication, and presentation skills
• Strong problem-solving skills and ability to design innovative solutions to complex challenges
• High learning agility and willingness to learn new technologies, programming languages, and tools
• Ability to communicate and collaborate effectively with cross-functional teams 
• Desired Certifications: Security+, Blue Team L1, CySA+, PenTest+, CASP+, OSCP, GIAC, PJPT, PNPT, SC-200, SC-300, SC-400, AZ-500, MS-500, CISSP

Qualifications:

• Bachelor’s degree in Business, Computer Science, Information Systems, Cybersecurity, or a related field, or can demonstrate comparable professional programming experience
• Familiarity with cyber security concepts, principles, and industry trends 
• Proficiency in programming languages such as Python, Go, or Java for software development
• 3+ years’ experience in a technical capacity; preferably in a role related to any of the following disciplines: senior security operations analyst, incident response, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment, penetration testing, etc.

About BlueVoyant

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice