Threat Management Specialist (Tier 2)

Description Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, delivering strategic solutions to government agencies and enterprise clients nationwide. We specialize in advanced threat detection, incident response, and the integration of emerging technologies such as AI and machine learning to enhance security operations. Our teams operate in diverse work environments—including on-site, hybrid, and fully remote—on contracts ranging from several months to multiple years. We are seeking a Threat Management Specialist (Tier 2) to join our Cybersecurity Operations Center (CSOC) team. This role focuses on deep-dive incident analysis, correlating data across multiple sources, and determining the potential impact to critical systems and data. The ideal candidate will have strong expertise in network traffic analysis, intrusion detection, and AI/ML-driven automation, along with hands-on experience using advanced security platforms and threat intelligence tools. There are two positions open for this role. The schedule for each is below: Schedule 1: Mon - Fri: 7:00 AM to 4:00 PM Schedule 2: Tues & Wed: 10:00 AM to 7:00 PM, Sat & Su: 10:00 AM to 10:30 PM Key Responsibilities: Identify and assess cybersecurity problems, recommending and implementing mitigating controls. Analyze network traffic to detect exploits, intrusions, and anomalous activity. Recommend and fine-tune detection mechanisms for emerging threats. Serve as SME on network-based attacks, traffic analysis, and intrusion methodologies. Escalate and coordinate advanced incident investigations with other Threat Management team members. Execute operational processes for incident response and remediation efforts. Utilize AI/ML tools to enhance threat detection, automate triage, and improve SOC efficiency. Perform threat intelligence analysis, adapting defenses using ML-enhanced techniques. Manage email security platforms (e.g., ProofPoint) and respond to phishing or targeted attacks. Configure and manage Splunk, FirePower, and SentinelOne for proactive threat monitoring. Monitor and respond to alerts across platforms including Microsoft Defender suite, Azure Entra ID, and Google Cloud SCC. Tune security policies, improve detection capabilities, and support ongoing SOC process improvement. Stay informed on evolving threat landscapes, adversary tactics, and AI/ML advancements in cybersecurity. Identify and implement automation and AI use cases to strengthen SOC capabilities. Requirements Required Skills & Qualifications: 3+ years of IT security experience, including exposure to AI/ML projects in cybersecurity. 2+ years of experience in network traffic analysis and intrusion detection/prevention. Strong understanding of TCP/IP, Boolean logic, network exploits, and threat management techniques. Experience with IDS/IPS technologies, architectures, and signature creation. Proficiency in Splunk, FirePower, ProofPoint, SentinelOne, and Microsoft Defender security suite. Hands-on experience with SOAR platforms and automation in SOC environments. Knowledge of cloud security (AWS, Azure, GCP). Proficiency in using ML frameworks for anomaly detection, threat intelligence, and behavioral analysis. Skills in data preprocessing, feature engineering, and working with large, complex security datasets. Strong communication, documentation, and stakeholder engagement skills. Bachelor’s degree in Computer Science, Information Technology, or related field. Industry certifications (GCED, GSEC, CISSP, SSCP) preferred. Work Environment: Flexible; remote considered. Travel: Minimal, as required for project needs. Clearance Requirement: U.S. citizenship or lawful permanent residency required. AI Usage Policy: Candidates must be able to independently demonstrate technical proficiency without the use of AI tools during interviews or performance assessments. Skill(s) None Benefits Benefits: Insurance – health, dental, and vision Paid Time Off (PTO) and 11 Federal Holidays 401(k) employer match Travel None Originally posted on Himalayas