Anonymous Employer
Hiring Now! Security Engineer - Splunk with Security Clearance
Anonymous Employer, Arlington, Virginia, United States, 22201
Overview
We are seeking a Security Engineer to help design and implement solutions that support IT operations. The Security Engineer will manage security tech, including Splunk Enterprise Security (ES), and focus on maintaining and monitoring a large, distributed Splunk deployment. You will help guide the technical direction of our Splunk setup and integrate data feeds. The candidate must have solid Splunk experience and be able to collaborate with a diverse team and work with end users across different locations.
Location
Fort Bragg vicinity, NC (on-site); Fayetteville, NC (on-site); Crystal City, VA (on-site). Travel as required and locations as directed by senior management from STS.
Primary Responsibilities
Provides technical/management leadership on major tasks or technology assignments
Leads integration effort between all customer defined Security Operations Center tools with the Splunk Security Information and Event Management (SIEM) platform
Performs technical troubleshooting in support of customer resources for complete network environments to identify and inform relevant parties of network or security configuration issues for SIEM data collection
Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance
Designs, architects, and implements Splunk solutions in support of cyber-security and IT operations and data scientists
Demonstrates security related knowledge and skills, and good interpersonal and coordination skills
Create custom parsers and correlation rules for alerting security personnel to potential security incidents
Research cyber security related emerging trends
Provide experience architecting and managing Splunk Core and Splunk ES
Assist in managing TAs, source types and data formats, search, index clustering, Splunk ES and data models, upgrades, etc.
Serve as a Subject Matter Expert (SME) for improvements, implementation, administration, and operations to Cybersecurity systems
Qualifications and Education
A bachelor’s degree or equivalent work experience in business administration, project management, or a related field
Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
Ability to analyze data, identify trends, and make informed decisions
May respond to computer security breaches and viruses
Proficiency in resolving complex problems and adapting to changing circumstances
Required Skills
DoD 8570 Certification in the IAT Level III and/or CNDSP tier or obtain within six months
Splunk Enterprise Security experience, including administration and integration with backend systems
Experience with incident response, investigation, and incident handling
Knowledge of network security zones, firewall, and IDS
Knowledge of log formats for syslog, HTTP logs, and DB logs
Knowledge of enterprise endpoint security products: McAfee e-Policy Orchestrator, Cylance, Microsoft Defender, etc.
Knowledge of network security tools and appliances: Cisco ISE, Palo Alto NextGen Firewalls, Blue Coat, etc.
Knowledge of Linux platforms
Log debugging within the Splunk infrastructure and from remote sources (e.g., syslog-ng, Windows, RHEL, networking devices) to ensure data accuracy
Development of tailored Splunk reports, dashboards, alerts, and advanced queries
Preferred Skills
2+ years of experience supporting cloud computing environments: AWS, Azure, GCP, etc. (Preferred)
Experience with other big data analytics solutions: Elastic, Palantir, ArcSight, etc. (Preferred)
Clearance
Top Secret, with eligibility to obtain SCI. Applicants will be subject to security investigations and must meet eligibility requirements for classified information.
About Us
We are a Woman Owned Small Business (WOSB) that carries a passion for problem-solving in support of today’s warfighters and government entities by providing Strategic Advisory and Program Management, C5ISR Enterprise Architecture and Design, Cybersecurity, IT Services, and ServiceNow Solutions. We are an equal opportunity and affirmative action employer. We consider applicants without regard to race, color, religion, creed, gender, national origin, age, disability, genetic information, marital or veteran status, or any other category protected by federal, state, or local law.