Anonymous Employer
Security Engineer - Splunk with Security Clearance
Anonymous Employer, Fayetteville, North Carolina, United States, 28305
Primary Responsibilities
Provides technical/management leadership on major tasks or technology assignments
Leads integration effort between all customer defined Security Operations Center tools with the Splunk Security Information and Event Management (SIEM) platform
Performs technical troubleshooting efforts in support of customer resources across complete network environments to identify and inform relevant parties of network or security configuration issues affecting SIEM data collection
Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance
Designs, architects, and implements Splunk solutions in support of cybersecurity and IT operations and data scientists
Expected to demonstrate security related knowledge and skills, and good interpersonal and coordination skills
Create custom parsers and correlation rules for alerting security personnel to potential security incidents
Research cyber security related emerging trends
Provide experience architecting and managing Splunk Core and Splunk ES
Assist in managing TAs, source types and data formats, search, index clustering, Splunk ES and data models, upgrades, etc
Serve as a Subject Matter Expert (SME) for improvements, implementation, administration, and operations to Cybersecurity systems
Your primary work location will be the vicinity of Fort Bragg, NC, with travel as required, and locations as directed by senior management from STS
Qualifications and Education
A bachelor's degree or equivalent work experience in business administration, project management, or a related field
Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
Ability to analyze data, identify trends, and make informed decisions
May respond to computer security breaches and viruses
Proficiency in resolving complex problems and adapting to changing circumstances
Required Skills
DoD 8570 Certification in the IAT Level III and/or CNDSP tier or obtain within six months
Splunk Enterprise Security experience, including administration and integration with backend systems
Experience with incident response, investigation, and incident handling
Knowledge of network security zones, firewall, and IDS
Knowledge of log formats for syslog, http logs, and DB logs
Knowledge of enterprise endpoint security products: McAfee ePolicy Orchestrator, Cylance, Microsoft Defender, etc
Knowledge of network security tools and appliances: Cisco ISE, Palo Alto NextGen Firewalls, Blue Coat, etc
Knowledge of Linux platforms
Log debugging within the Splunk infrastructure and from remote sources (e.g. syslog-ng, Windows, RHEL, networking devices, etc.) to ensure data accuracy
Development of tailored Splunk reports, dashboards, alerts, and advanced queries
Preferred Skills
2+ years of experience supporting cloud computing environments: AWS, Azure, GCP, etc. (Preferred)
Experience with other big data analytics solutions: Elastic, Palantir, ArcSight, etc. (Preferred)
Clearance:
Top Secret, with eligibility to obtain SCI (applicants will be subject to security investigations and will have to meet eligibility requirements for classified information)