Flank Speed Cloud Engineer


Employee Type: Full-Time

Location: Suffolk, VA

Job Type: Cloud Engineering

Experience: 5+ Years

Clearance: TS/SCI

Work Allocation: On-Site


AERMOR LLC is seeking qualified candidates to assist with the management and administration of integrated methods that enable personnel to identify, capture, catalog, classify, retrieve, and share intellectual capital and information content. The candidate will help support the use of visualization processes and tools, applying in-depth MS Sentinel and Phantom expertise to help uncover adversarial tactics, events, and incidents, and to finalize the US Navy's transition into the Flank Speed cloud system.


Qualifications:


  • SC-200 Microsoft Security Operator Required.
  • AZ-500 Microsoft Azure Security Technologies Required.
  • Splunk SOAR or Phantom Certified Administrator is highly desired.
  • Advanced knowledge in searching & reporting, dashboard development, and visualization.
  • Advanced development knowledge in Microsoft Logic Apps, Jupyter playbooks, workbooks, case management.
  • Knowledge in acceleration and data models is required.
  • Advanced knowledge of KQL, Python is required.
  • Knowledge of JavaScript, XML, JSON objects, and HTML 5 expertise is required.
  • Experience with Microsoft Defender Suite (Enterprise, Identity, Azure) is required.
  • Advanced knowledge of data structures and subroutine calls to include development and/or use of vendor Application Programming Interfaces (API) solutions.
  • Must be able to develop and write, in KQL and Python, custom detections and advanced hunting queries specific to the DoD, in collaboration with malware analysis for coverage of emerging threats.
  • Must be able to interpret security vulnerability protection requirements and translate them into KQL custom detections and advanced hunting queries.
  • Must understand common data available and capabilities in: MDE, McAfee ESS and ENS, Cisco FirePower, M365, Splunk SOAR, Tenable Nessus, Suricata, Zeek, Ansible Tower.
  • Meets the Cyber IT/Cybersecurity Workforce Specialty Area 14 (Threat Analysis) Requirements (Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), or GIAC Certified Intrusion Analyst (GCIA) Certification).


Required Duty/Tasks:


  • Create/maintain optimized and efficient dashboards and reports within MS Sentinel.
  • Create/maintain dashboards and/or reports within MS Sentinel identifying known security risks to include both network and IT assets.
  • Create/maintain dashboards and/or reports within MS Sentinel to identify security events for both network and IT assets.
  • Create/maintain dashboards and/or reports within MS Sentinel to identify network device and IT asset health and performance.
  • Create/maintain dashboards and/or reports within MS Sentinel identifying adversarial tactics, events, and incidents across global CND data.
  • Create ad-hoc dashboards and reports within MS Sentinel.
  • Create/configure/maintain custom Jupyter modules and add-ons. Validate, customize, and maintain Jupyter community modules and add-ons for the environment.
  • Develop/create/maintain automated workflows with MS Sentinel Playbooks to include managing playbook repo storage, installing/updating new and existing playbooks, and configuring playbook activation and labels.
  • Provide Case Management and workbook support to include mapping to CND SOPs and codifying SOPs into workbook templates.
  • Develop/create/maintain custom automated workflows/playbooks/containers/CEF fields.
  • Configure/create/manage MS Sentinel apps and assets to include configuring assets to ingest data and data ingestion settings like labels and tags.
  • Provide data integration support in all aspects of MS Sentinel sub-components.
  • Create/maintain dashboards and/or reports within MS Sentinel that can be incorporated into the CND playbook.
  • Provide support to develop data connectivity between MS Sentinel and Splunk SIEM/SOAR environments.
  • Provide on-the-job training to government personnel in support of MS Sentinel, Jupyter Notebooks, and all tasks & functions noted above.
  • Develop and (when directed) execute IL6 capability stand-up for MS Sentinel.





For more information contact: careers@aermor.com


As an Equal Opportunity Employer, AERMOR LLC complies with government regulations and affirmative action responsibilities.

AERMOR LLC does not discriminate against any applicant for employment or employee because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic prohibited under Federal, State, or local laws.