Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
Occasional travel
IT - Security
Fayetteville, NC (On-Site/Office)
Primary Responsibilities
• Provides technical/management leadership on major tasks or technology assignments
• Leads integration effort between all customer defined Security Operations Center tools with the Splunk Security Information and Event Management (SIEM) platform
• Performs technical troubleshooting efforts in support of customer resources across complete network environments to identify and inform relevant parties of network or security configuration issues affecting SIEM data collection
• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products, and technical quality assurance
• Designs, architects, and implements Splunk solutions in support of cyber-security and IT operations and data scientists
• Expected to demonstrate security related knowledge and skills, and good interpersonal and coordination skills
• Creates custom parsers and correlation rules for alerting security personnel to potential security incidents
• Research cyber security related emerging trends
• Provide experience architecting and managing Splunk Core and Splunk ES
• Assist in managing TAs, source types and data formats, search, index clustering, Splunk ES and data models, upgrades, etc
• Serve as a Subject Matter Expert (SME) for improvements, implementation, administration, and operations to Cybersecurity systems
• Your primary work location will be the vicinity of Fort Bragg, NC, with travel as required, and locations as directed by senior management from STS
Qualifications and Education
• A bachelor’s degree or equivalent work experience in business administration, project management, or a related field
• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
• Ability to analyze data, identify trends, and make informed decisions
• May respond to computer security breaches and viruses
• Proficiency in resolving complex problems and adapting to changing circumstances
Required Skills
• DoD 8570 Certification in the IAT Level III and/or CNDSP tier or obtain within six months
• Splunk Enterprise Security experience, including administration and integration with backend systems
• Experience with incident response, investigation, and incident handling
• Knowledge of network security zones, firewall, and IDS
• Knowledge of log formats for syslog, http logs, and DB logs
• Knowledge of enterprise endpoint security products: McAfee e-Policy Orchestrator, Cylance, Microsoft Defender, etc
• Knowledge of network security tools and appliances: Cisco ISE, Palo Alto NextGen Firewalls, Blue Coat, etc
• Knowledge of Linux platforms
• Log debugging within the Splunk infrastructure and from remote sources (e.g. syslog-ng, Windows, RHEL, networking devices) to ensure data accuracy
• Development of tailored Splunk reports, dashboards, alerts, and advanced queries
Preferred Skills
• 2+ years of experience supporting cloud computing environments: AWS, Azure, GCP, etc. (Preferred)
• Experience with other big data analytics solutions: Elastic, Palantir, ArcSight, etc. (Preferred)
Clearance:
• Top Secret; with eligibility to obtain SCI (Applicants will be subject to security investigations and will have to meet eligibility requirements for classified information)