Host-Based Security Engineer

Host-Based Security Engineer

Requirements

• High School Diploma or GED
• Two (2) years of practical experience demonstrating competency in Cybersecurity or related experience (Level I)
• Three (3) years of practical experience demonstrating competency in Cybersecurity or related experience (Level II)
• 5+ years with a Bachelor’s degree or 7+ years with HS/GED in Cybersecurity or related experience (Level III)
• Secret / Top Secret SCI clearance
• 8570 Compliant IAT 2 or 3 certification

Responsibilities

• Develop and maintain host-based security solutions using government-approved tools such as Host-Based Security System (HBSS), Endpoint Detection and Response (EDR), and Next-Gen Antivirus (NGAV)
• Create, test, and deploy custom host-based security signatures to detect and mitigate threats
• Implement host-based intrusion detection/prevention systems (HIDS/HIPS) and fine-tune policies for maximum protection with minimal impact on system performance
• Perform malware analysis and behavioral analysis to identify and neutralize malicious software threats
• Conduct host-based forensic investigations to analyze security breaches, identify attack vectors, and collect digital evidence
• Ensure compliance with DoD security standards such as DISA STIGs, DoD 8570, and RMF guidelines
• Monitor and assess endpoint security logs from SIEM platforms to detect anomalies, investigate security alerts, and mitigate cyber threats
• Develop security automation scripts to enhance endpoint protection and streamline response actions
• Support incident response teams by providing host-based security expertise during cyber incidents
• Stay current on emerging host-based attack techniques, malware, and adversarial Tactics, Techniques, and Procedures (TTPs) to enhance detection and prevention capabilities
• Train and mentor junior security engineers on best practices for host-based security management

Preferred Qualifications

No preferred qualifications provided.