Quadrant, Inc.
Overview
Cyber Security Specialist III – Washington, DC
Pay From: $55.00 per hour
Qualifications
Secret Clearance required
7+ years of experience
Proficiency in tools such as SIEMs (e.g., Splunk), IDS/IPS, endpoint detection, and scripting languages
Strong communication skills for working with SOC teams, CD&M engineers, and system stakeholders
Collaboration with internal cybersecurity experts
Understanding of impact assessment on end-products or solutions; broad technical understanding of related cybersecurity specialty areas
Ability to develop and implement technical solutions independently
Experience with incident detection, response, and security event management
Familiarity with NIST SP 800-53, FISMA, and risk management frameworks
Experience with scripting (e.g., Python, Bash) and log data analysis
Deep technical knowledge and proficiency in cybersecurity principles and practices; strong problem-solving for complex and unclear technical issues
Bachelor's degree from an accredited institute in Cybersecurity or related field; three additional years of experience in lieu of degree
Duties
Perform day-to-day administration of Splunk, including monitoring system health, managing indexes, and troubleshooting ingestion or search performance issues
Support Splunk operations in hybrid environments (on-prem servers, AWS compute/storage, Linux VMs)
Apply patches, upgrades, and configurations to maintain stability and compliance of Splunk infrastructure
Onboard new data sources into Splunk using syslog, HTTP Event Collector (HEC), JSON feeds, and APIs
Normalize and validate ingested data to ensure alignment with Splunk Common Information Model (CIM) and SOC use cases
Collaborate with system owners, engineers, and SOC analysts to configure log forwarding and resolve onboarding issues
Develop and maintain ingestion pipelines that support large-scale SOC operations
Tune parsing, field extractions, and sourcetypes for optimal indexing and search performance; document and maintain data onboarding procedures, schemas, and configuration standards
Ensure Splunk onboarding and data retention configurations align with security and compliance requirements (NIST RMF, FISMA, CCRI)
Generate audit-ready intake documentation and data validation reports for compliance reviews
Work with compliance and CD&M teams to ensure Splunk data supports continuous monitoring and reporting mandates
Provide Tier II/III Splunk intake and admin support, escalating complex issues to senior Splunk engineers as required
Partner with SOC analysts and CD&M engineers to ensure onboarded data supports detection, dashboards, and reporting needs
Contribute to DI&I process improvement initiatives to streamline intake and optimize operational workflows
Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability.