FireEye / Gigamon Cybersecurity Engineer

22nd Century Technologies, Inc.
McLean, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

McLean, United States of America

Tech stack

Microsoft Active Directory
Data analysis
Cisco Routers
Cloud Computing Security
Configuration Management
Computer Security
Data Centers
Data Deduplication
Monitoring of Systems
Intrusion Detection and Prevention
Intrusion Detection Systems
Network Security
Windows Server
Network Forensics
Packet Analyzer
Zero Trust Network Access
Security Information and Event Management
Tcpdump
Wireshark
Virtualization Technology
Computer Network Operations
Cloud Platform System
Malware
Cyber Threat Analysis
Hybrid Cloud
Firewalls (Computer Science)
Information Technology
SolarWinds (Software)
Cybercrime
Check Point Firewalls
FireEye
Splunk
Cisco networks
Security Orchestration, Automation & Response
Vulnerability Analysis
VMware

Job description

The FireEye / Gigamon Cybersecurity Engineer provides engineering, administration, monitoring, and operational support for the Defense Contract Management Agency (DCMA) Enterprise Security Architecture. This position is responsible for deploying, managing, and optimizing FireEye/Trellix security platforms and Gigamon visibility solutions to enhance threat detection, network observability, incident response, and cybersecurity operations across DCMA enterprise environments. The engineer works closely with Network Operations Center (NOC), Cybersecurity Operations, RMF, ACAS, SIEM, Firewall, and Network Engineering teams to ensure continuous monitoring, threat visibility, and protection of enterprise networks supporting CONUS and OCONUS users.

FireEye Helix was designed to unify network, endpoint, and third-party security visibility while integrating threat intelligence and automated security operations capabilities. Gigamon provides deep observability and network-derived intelligence by delivering optimized traffic to security and monitoring tools, eliminating network blind spots and improving threat detection.

Primary Responsibilities

FireEye/Trellix Operations

  • Administer and maintain FireEye/Trellix security platforms, including:
      o FireEye Network Security (NX)
      o FireEye Email Security (EX)
      o FireEye Endpoint Security (HX)
      o FireEye Helix SIEM/XDR
      o FireEye Central Management System (CMS)

  • Monitor and analyze security events, malware detections, indicators of compromise (IOCs), and advanced persistent threats (APTs).

  • Develop correlation rules, threat-hunting use cases, dashboards, and automated response workflows.

  • Integrate FireEye solutions with:
      o LogRhythm SIEM
      o ACAS
      o Check Point Firewalls
      o Cisco Security Platforms
      o Active Directory
      o Threat Intelligence feeds

  • Conduct incident response activities and forensic investigations utilizing FireEye and Mandiant intelligence resources.

  • Support Cybersecurity Service Provider (CSSP) operations and enterprise security monitoring.

Gigamon Visibility Fabric Operations

  • Engineer and administer Gigamon visibility solutions, including:
      o GigaVUE Appliances
      o GigaSMART
      o GigaVUE Fabric Manager
      o Deep Observability Pipeline

  • Configure TAPs, packet brokers, traffic aggregation, filtering, deduplication, and SSL/TLS decryption services.

  • Design and maintain traffic distribution policies supporting:
      o FireEye/Trellix
      o LogRhythm
      o ACAS
      o IDS/IPS
      o Network Performance Monitoring tools

  • Optimize east-west and north-south traffic visibility across:
      o Data Centers
      o Cloud Environments
      o Virtualized Infrastructure
      o Hybrid Networks

  • Perform packet analysis and troubleshooting using:
      o Wireshark
      o tcpdump
      o Gigamon Analytics

Gigamon solutions provide traffic intelligence, packet optimization, metadata generation, filtering, and visibility across hybrid cloud and enterprise environments.

Cybersecurity Engineering

  • Develop and implement security architecture improvements.

  • Support RMF security controls and continuous monitoring activities.

  • Conduct vulnerability assessments and remediation validation.

  • Support STIG compliance initiatives.

  • Participate in Change Management and Configuration Control Boards (CCB).

  • Create engineering documentation, SOPs, implementation guides, and technical reports.

  • Provide Tier III escalation support for cybersecurity incidents.

Monitoring and Reporting

  • Provide 24x7x365 operational support as required.

  • Generate daily, weekly, and monthly cybersecurity status reports.

  • Brief government leadership on:
      o Security incidents
      o Threat trends
      o Visibility gaps
      o Risk mitigation actions
      o Compliance posture

Requirements

  • Security+ CE (IAT Level II minimum), CASP+, CISSP, CCNP Security, or equivalent preferred.

  • Active DoD Secret Clearance.

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).

  • Minimum 5 years of cybersecurity engineering experience.

  • Minimum 3 years supporting enterprise security monitoring platforms.

  • Experience with:
      o FireEye/Trellix products
      o Gigamon Visibility Fabric
      o LogRhythm SIEM
      o Cisco enterprise networking
      o Palo Alto or Check Point firewalls
      o Windows Server and Active Directory
      o Packet capture and analysis tools

Preferred Qualifications

  • FireEye/Trellix Certifications

  • Gigamon Certified Professional (GCP)

  • CISSP

  • CASP+

  • CCNP Security

  • GCIA

  • GCIH

  • CEH

Desired Knowledge and Skills

  • Advanced Persistent Threat (APT) detection

  • Threat Hunting

  • Network Traffic Analysis

  • Incident Response

  • Malware Analysis

  • Security Automation

  • SIEM Engineering

  • IDS/IPS Technologies

  • Packet Broker Technologies

  • Network Forensics

  • Cloud Security Monitoring

  • Zero Trust Architecture

  • RMF and NIST 800-53 Controls

Tools and Technologies

  • FireEye Helix / Trellix XDR

  • FireEye HX, NX, EX

  • Gigamon GigaVUE

  • GigaSMART

  • GigaVUE-FM

  • LogRhythm SIEM

  • ACAS

  • SolarWinds

  • Wireshark

  • Check Point Firewalls

  • Cisco Routers and Switches

  • VMware

  • Active Directory

  • Splunk (desired)

Work Environment

Benefits & conditions

Supports the DCMA Enterprise Network Support Services (ENSS) program protecting over 200,000 users and millions of enterprise devices across global DoD networks. Position requires collaboration with Cybersecurity, NOC, Network Engineering, Firewall, Collaboration, and RMF teams in a mission-critical environment.

Travel: Up to 10% CONUS/OCONUS as required.

Shift Support: May include after-hours maintenance windows and on-call rotation.
