Oslitanditech
Primary Responsibilities
A minimum of 5 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity.
Conceptualize, Design, Build, and Maintain current and future NOSC supported tools and platforms.
Manage multiple assignments, changing priorities, and work independently with little oversight.
Provide direct support for onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP and modular inputs from sources such as FireEye, BlueCoat proxies, Big IP, Cisco, Palo Alto, host syslogs, etc.
Assist with all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same.
Create, manage, and support automation solutions for Splunk deployment and orchestration within a Cloud environment.
Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels.
Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
Conduct network security architecture reviews to determine the size and placement of intrusion monitoring equipment during the customer onboarding process.
Documentation and Reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order.
Build, implement and administer Splunk in Windows and Linux environments.
Build, implement and administer Splunk ES and SOAR
The candidate shall have a bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 8 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity. At least one of the following certifications: CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CCSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX
Current Splunk Enterprise Certified Architect certification
Basic Qualifications
At least three (3) years of experience with Splunk in distributed deployments
Proficiency managing Splunk using the Splunk command-line interface
Proficiency managing Splunk using configuration files
Experience onboarding data into Splunk via forwarder, scripted inputs, TCP/UDP and modular inputs from a variety of sources.
Proficiency onboarding data using Splunk-developed add-ons for Windows, Linux, and common third-party devices and applications
Experience collaborating with separate engineering teams to configure data sources for Splunk integration
5+ Years experience in Linux, Windows and SQL/ODBC interfaces
Proficiency implementing and onboarding data in Splunk DB Connect
3+ Years experience in app interface development, using REST APIs
Experience with Splunk performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
Experience developing in XML, Bash, JavaScript and Python, Perl, PowerShell scripts
General networking and security troubleshooting (firewalls, routing, NAT, etc.)
Splunk architecture/design, implementation, and troubleshooting experience
Experience in managing, maintaining, and administering multi-site indexer cluster
Scripting and development skills (Bash, Python, or Java) with strong knowledge of regular expressions
Proficiency developing log ingestion and aggregation strategies per Splunk best practices
Proficiency normalizing data to Splunk Common Information Model (CIM)
Experience implementing and optimizing Splunk data models
Expertise developing security-focused content for Splunk, including creation of complex threat detection log and operational dashboards
Perform integration activities to configure, connect, and pull data with 3rd party software APIs.
Ability to autonomously prioritize and successfully deliver across a portfolio of projects
Undertakes day-to-day operational and user support