US
19 hours ago
Principal Detection Engineer - 90397456 - Remote

Your success is a train ride away!

As we move America’s workforce toward the future, Amtrak connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority, and the success of our railroad is due to our employees.

 

Are you ready to join our team?

Our values of ‘Do the Right Thing, Excel Together and Put Customers First’ are at the heart of what matters most to us, and our Core Capabilities, ‘Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & Security’ are what every employee needs to know and do to be most impactful at Amtrak. By living the Amtrak values, focusing on our capabilities, and actively embracing and fostering diverse ideas, backgrounds, and perspectives, together we will honor our past and make Amtrak a company of the future.

 

SUMMARY OF DUTIES:

The Detection Engineer will play a critical role transforming the Cyber Fusion Center. If you are someone who enjoys looking through data sets for anomalies, researching malware, reading up on the latest adversary’s techniques, tactics, and procedures, trying out new penetration tools and techniques to see what telemetry is generated, this position is for you.

Our team’s mission is simple: hunt and find threats.

Our team’s objective is simple: build a threat-informed defense.

Our team’s goal is simple: excel together.

ESSENTIAL FUNCTIONS:

• Identify relevant data sources to determine threat-detection scenarios and use cases.
• Engineer specific, yet abstract detectors finding the ideal balance between an adversary’s tactics, techniques, and procedures (TTPs).
• Automate threat-detection scenarios and use cases to improve Cyber Incident Response workflows.
• Provide Cyber Fusion Enablement for Detection Improvement Requests (DIR).
• Build threat detection models identifying relevant threats leveraging the Detection Development Lifecycle, Threat Detection Maturity and Alerting and Detection Strategy (ADS) Frameworks.
• Assess the effectiveness of threat detection practices and countermeasures across the Enterprise infrastructure and applications.
• Perform Cyber Fusion technology detection gap assessments and assist with developing the strategic enhancement roadmap.
• Participate in planning sessions related to Enterprise projects or new technologies to implement process improvement within the functional area.

MINIMUM QUALIFICATIONS:

• Bachelor’s Degree in Computer Science, Information Systems, Software Engineering, Software Development, Applied Data Science and Machine Learning, or relevant field, and relevant work experience in Cybersecurity.
• Must possess relevant experience with scripting, object-oriented programming, coding, or infrastructure-as-code (IaC).
• Ability to think critically and like threat actors.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality threat detectors.
• Knowledge of MITRE ATT&CK, Mobile, and ICS Frameworks or equivalent.
• Knowledge of MITRE ATT&CK Navigator or equivalent.
• Knowledge of MITRE Engage and Defend Frameworks or equivalent.
• Skill in using multiple analytic tools, databases, and techniques. (e.g., Analyst’s Notebook, divergent/convergent thinking, link charts, matrices, etc.)
• Skill to analyze and assess internal and external partner cyber operations capabilities and tools.
• Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.

PREFERRED QUALIFICATIONS:

• Cybersecurity certifications, courses, or hands-on experience with some of the following:
      o    Red Team Operations and Adversary Emulation
      o    Penetration Testing, Exploit Writing, and Ethical Hacking
      o    Offensive Security, Security Operations, Web Application Testing, or Cloud Security
      o    Reverse-Malware Engineering
      o    Digital Forensics and Incident Response
      o    Cyber Deception – Attack Detection, Disruption, Active Defense
      o    Applied Data Science and Machine Learning for Cybersecurity Professionals
• Experience applying Threat Hunting methodologies which are Intelligence-Hypothesis driven with sound scientific-methodology principles applied.
• Preferred knowledge and familiarity with Operational Technology (OT), Industrial Controls Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems, but not required.

Preferred 11+ years of relevant work experience in Cybersecurity. Preferred 3+ years of relevant experience with scripting, object-oriented programming, coding, or infrastructure-as-code (IaC). 


WORK ENVIRONMENT:

• 100% Remote.
• May require occasional travel up to 25% of the time.
• May require occasional on-call status.
• May require occasional after hours, weekend, or periodic shift work supporting a 24x7x365 Cyber Fusion Center.

COMMUNICATIONS AND INTERPERSONAL SKILLS:

Must have excellent oral and written communication skills.

The salary/hourly range is $124,600-$161,352. Pay is based on several factors including but not limited to education, work experience, certifications, internal equity, etc. Depending on an employee’s assigned worksite or location, Amtrak may consider a geo-pay differential to be applied to the employee’s base salary. Amtrak may offer additional incentive and pay programs to recognize and reward our employees, including a short-term incentive bonus based upon factors such as individual and company performance that is commensurate with the level of the position and/or long-term incentive plan compensation. In addition to your salary, Amtrak offers a comprehensive benefit package that includes health, dental, and vision plans; health savings accounts; wellness programs; flexible spending accounts; 401K retirement plan with employer match; life insurance; short and long term disability insurance; paid time off; back-up care; adoption assistance; surrogacy assistance; reimbursement of education expenses; Public Service Loan Forgiveness eligibility; Railroad Retirement sickness and retirement benefits; and rail pass privileges. Learn more about our benefits offerings here.

Requisition ID:165097

Work Arrangement:02-Remote Optional Click here for more information about work arrangements at Amtrak. 
Relocation Offered:No 
Travel Requirements:Up to 25% 

You power our progress through your performance.
 

We want your work at Amtrak to be more than a job. We want your career at Amtrak to be a fulfilling experience where you find challenging work, rewarding opportunities, respect among colleagues, and attractive compensation. Amtrak maintains a culture that values high performance and recognizes individual employee contributions. 


Amtrak is committed to a safe workplace free of drugs and alcohol. All Amtrak positions require a pre-employment background check that includes prior employment verification, a criminal history check and a pre-employment drug screen.

Candidates who test positive for marijuana will be disqualified, regardless of any state or local statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Amtrak's pre-employment drug testing program is administered in accordance with DOT regulations and applicable law.  


In accordance with DOT regulations (49 CFR § 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, the individual will not be permitted to perform safety-sensitive functions.

 

In accordance with federal law governing security checks of covered individuals for providers of public transportation (Title 6 U.S.C. §1143), Amtrak is required to screen applicants for any permanent or interim disqualifying criminal offenses. 


Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.


Amtrak is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race/color, to include traits historically associated with race, including but not limited to, hair texture and hairstyles such as braids, locks and twists, religion, sex (including pregnancy, childbirth and related conditions, such as lactation), national origin/ethnicity, disability (intellectual, mental and physical), veteran status, marital status, ancestry, sexual orientation, gender identity and gender expression, genetic information, citizenship or any other personal characteristics protected by law.
