Employer Active
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
A university degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 3 years of specific experience. Exceptionally, the lack of a university degree may be compensated by the demonstration of a contractor s particular abilities or experience that is/are of interest to the OCIO; that is, at least 7 years extensive and progressive expertise in the tasks related to the function of the cyber security threat research
Expert level in at least three of the following areas and a high level of experience in the other areas:
Knowledge of best practices for the software development life cycle, including coding standards, code reviews, and testing
Proficient in python
Experience in querying and manipulating data from a RESTful API
Experience in building dashboards using Splunk, Elastic, Grafana or other tools
Solid working knowledge of Linux command line
Experience in supporting an incident response or cyber threat intelligence team
Previous experience using and managing AWS VPCs
Have the ability to quickly learn tools and data languages with a steep learning curve
Experience in managing and orchestrating Docker containers
Knowledge of Vertex Synapse and its data language
Experience with data analytics
DevOps experience with cloud CI/CD workflows implementation
Experience with graph and hypergraph databases
Extend the cyber threat analysis platform with custom code (python and storm) deployed in Docker containers.
Measurement: Create python and storm extensions to the threat analysis platform in the form of git commits, describing the code commits and with additional comments in the code. Initial scripts developed within 60 days of arrival, and thereafter milestones will be ongoing and assessed on a quarterly basis
Measurement: Write user manuals and other documentation for the scripts and post on the team s central document repository. This work is tied to the timelines of the script development: first user manual within 60 days of arrival, and thereafter milestones will be ongoing and assessed on a quarterly basis
Build data pipelines between the backend database (Cortex hypergraph), data science tools and dashboards
Measurement: Store the developed code to connect the Cortex and other tooling on a git repository. Provide code within 30 days of arrival.
Measurement: Include documentation on our central documentation repository. Provide first documentation within 30 days of arrival and provide additional documentation as required
Improve the cloud architecture and help the team in migrating its more traditional cloud infrastructure to AWS cloud-native tooling (e.g. move Docker infrastructure to AWS ECS)
Measurement: Migrated services in AWS. Documentation provided within 10 working days of tasking
Create useful trending and threat card dashboards for the cyber threat analysts, by incorporating the analysts functional requirements
Measurement: Creation of dynamic dashboards that read data on the fly directly from the hypergraph database, using a python asyncio API
Measurement: Provide training to the analyst on how to use the dashboard and present its features
Full Time