Splunk Engineer with Security Clearance

Top Skills' Details Security Engineer with 8+ years experience: 1. DoD 8570.1 IAT Level II certification to start -Must have one of the following security certifications: Security+, SCNP, SSCP, CISSP, GSEC 2. 5+ years relevant experience with Back-end Splunk (installing/hardening/configuring the Splunk architectural components) 3. Active DoD Clearance - Minimum of a DoD Secret Clearance Required. Top Secret preferred but they can work on an interim TS - IAT II Certifications Required: Must have ONE of the following security certifications: GSEC, Security+, SCNP, SSCP, CISSP Secondary Skills - Nice to Haves Splunk Enterprise Certified Admin Splunk Enterprise Certified Architect DISA STIGs RMF Automation Ansible Systems Administration CANES ADNS SIT AISIT C5ISR C4ISR Job Description Platform Boundary Defense - Splunk Engineer US-SC-North Charleston Description • Racking and cabling the Platform Boundary Defense (PBD) system • Designing, testing, deploying, hardening, configuring and tuning the SIEM architecture components (Splunk or equivalent) • Creating Engineering Changes to support the lifecycle including engineering documentation • Performing vulnerability scans of the system and review on a weekly basis • Coordinating among stakeholders, including Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), certification authorities, accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application • Identifying, developing (either directly, or in coordination with applicable experts), and incorporating common artifacts found in an RMF accreditation package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation • Using vulnerability scanning and assessment tools (e.g., ACAS/HBSS) necessary to identify and document compliance • Designing, implementing and hardening SIEM architectural components • Working full-time onsite in a secured lab space, where the majority of work must be performed to support this tasking Requirements • DoD 8570.1 IAT Level II certification to start o Must have one of the following security certifications: Security+, SCNP, SSCP, CISSP, GSEC • Five (5) years of experience in relevant technical field, to include: Technology Analysis and Assessment, Design Definition, Development of Systems Specification, Systems Analysis, Systems Architecture, Systems/Equipment Integration, Test & Evaluation Criteria, and Logistics support of C5ISR requirements • Back-end Splunk experience (installing/hardening/configuring the Splunk architectural components) • Proven experience in one or more of the following: o System administration experience on DoD-deployed systems o Experience in designing, maintaining and deploying Splunk enterprise architecture, with a preference for experience within a DoD environment o Being comfortable with the creation of in-depth, accurate technical documentation o CANES/ADNS experience for Afloat vessels would be beneficial o Participation in SIT/AISIT events Desired Skills • One of the following OS/OE trainings or certifications is desired: o Splunk Enterprise Certified Admin o Splunk Enterprise Certified Architect • Splunk architecture design experience • Experience in designing, maintaining and/or deploying Splunk or other enterprise SIEM systems in a DoD environment o This includes Splunk system architecture design, installation and hardening of Splunk components, and also administration and customization of Splunk ingest configuration and dashboards • Experience utilizing DISA STIGs to harden and secure Linux systems, specifically Splunk backend components • Design, testing and validation experience on DoD-deployed systems, specifically related to Splunk or other Logging/SIEM systems • Have a solid understanding of current operating system security design best practices • Knowledge of the RMF process and supporting deliverables is a plus • Self-motivated with the ability to work both independently and in a collaborative environment • Knowledge of systems engineering activities and process improvement approaches strongly desired • Experience with Automation solutions (such as Ansible) highly preferred Clearance Information SECRET LEVEL WITH TOP SECRET ELIGIBILITY Additional Skills & Qualifications Candidates must have the following: • Excellent communication skills (both verbal and written) • Must be flexible, able to perform a variety of duties, and multi-task • Ability to maintain a balance of business and technical perspectives • Good listening skills and ability to innovate and brainstorm around business ideas and needs • Good judgment, creativity and strategic thinking skills • Must be detail oriented