Professional Services Engineer

Company	Corelight
Location	Washington, DC, USA, Virginia, USA, Maryland, USA
Salary	$185000 – $235000
Type	Full-Time
Degrees
Experience Level	Senior

US Citizen
TS/SCI Eligible and TS/SCI
5+ years of experience in cybersecurity (Prior startup experience preferred)
Extensive experience with a SOC environment
Zeek/Corelight experience is a plus
Security and/or Networking related certification(s)
Demonstrated expertise in Windows/MacOS/Linux/Unix operating systems, IDS/IPS, Network administration, firewall configuration, and strong knowledge of TCP/IP
SIEM experience (Splunk required, others a bonus)
Scripting in (some of) Zeek, Bash, Python, Perl, Powershell, etc.
Strong briefing skills; experience interacting with SES/general officer-level management

Help customers improve their cybersecurity posture, with a particular focus on process optimization
Help investigate incidents
Educate on Zeek Log use, including as it relates to Corelight Suricata alerts
Design and implement technical solutions with ecosystem partners (packet brokers, asset managers, SOAR systems, etc.)
Implement queries and dashboards in SIEMs – Splunk, Elastic, Humio, etc.
Influence customers and Corelight teams and be seen as a technical expert
Conduct network-related testing to ensure Corelight products operate correctly
Perform validation testing of Corelight products
Provide ongoing, informal, knowledge transfer
Collaborate with product management on product features/integrations
Work with back-end tools like Kafka and Logstash
Documenting the process for importing of data (MISP, Intel, etc)
Developing custom content for threat hunting use cases as defined by the customer
Developing playbooks for SOC/IR workflow automation based on Corelight data
Ad-hoc (as requested) written summary reports on equipment and security problems
Technical input to major service outage root cause analysis and corrective action reports
Leading project status meetings and wrap-up/post-mortem meetings
Some on-site work required