Job Summary

Incident Response IS Engineer - Washington, DC!

  • Location:
    Washington, District of Columbia
  • Contract Type:
    Contract/Temp to Hire

Modis is looking for a strong multi-tasker with a keen eye for detail who can think one step ahead of cyber threats, for our client in Washington, DC, on a contract-to-hire basis!
Your typical day-to-day…
• Provide support to maintain the FireEye ecosystem, including patching and administering configs within a FireEye AX, CM, EX, FX, HX, NX environment.
This includes:
o Testing FireEye HX Agent configs prior to upgrades
o Testing FireEye Appliances and validating deployed signatures – YARA/FireEye
• Provide support for RHEL patching via Satellite – validate config and patch status
• Provide support in maintaining an incident response lab environment, which includes:
o PFSense
o ESXi VMs
o Hybrid Analysis
o Kali Linux
o Cuckoo Sandbox (deprecated by Hybrid)
o Security Onion/Bro
o Nighthawk/VolUtility
o Storage - NetApp
• Python or other scripting language experience
• Support/assist the client with improvements to real-time monitoring and triage capabilities for incidents received at the operations center.
• Work collectively with other team members on proposing configuration changes to the FireEye environment.
• Support efforts on threat hunting, network, host, and malware analysis, sensor tuning and custom signature creation
• Lead the application of cyber intelligence to improve security operations
• Measure and manage individual and team performance
• Ensure adequate metrics and documentation of team operations for leadership and other constituents
• BS/BA degree from accredited university
• Five or more years of work experience
• Three or more years of cyber security work experience
• 2+ years of Splunk Infrastructure
• Prior leadership experience with direct reports in a cyber environment
• Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
• Experience and understanding of host-based/endpoint protection systems
• Cyber intelligence, disk forensics and memory forensics experience
• Server administration experience
• Enterprise forensic tool(s) experience
• Federal contract experience
Training Requirements
• One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc.)
Core skills: At a minimum, we are looking for an Information Security Engineer with these core skills
• Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools, technologies and methods
• Experience designing secure networks, systems and application architectures
• Knowledge of disaster recovery, computer forensic tools, technologies and methods
• Experience planning, researching and developing security policies, standards and procedures
• Professional experience in a system administration role supporting multiple platforms and applications
• Ability to communicate network security issues to peers and management
• Ability to read and use the results of mobile code, malicious code, and anti-virus software
MUST HAVE: Splunk, FireEye, strong intrusion analysis experience


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
