Yesterday
Top Secret/SCI
Early Career (2+ yrs experience)
No Traveling
Full Scope Polygraph
IT - Security
Chantilly, VA (On-Site/Office)
Job Summary:
As a Security Analyst, you will provide day-to-day security monitoring, incident response, and threat analysis leveraging Splunk Enterprise Security (ES) and SOAR platforms. You will also play an active role in the ongoing buildout, configuration, and engineering of our Splunk ES environment, including onboarding new data sources, creating detection content, and developing automated response workflows.
This role is ideal for candidates who want to blend security operations expertise with SIEM engineering and automation development in a fast-paced government setting.
Key Responsibilities:
• Monitor and analyze security events using Splunk Enterprise Security (ES) dashboards, alerts, and correlation searches.
• Investigate and respond to security incidents, including triage, root cause analysis, containment, and remediation support.
• Develop and fine-tune correlation rules, alerts, and dashboards in Splunk ES to improve threat detection capabilities.
• Design, build, and maintain automated response playbooks using SOAR tools (e.g., Splunk SOAR or similar platforms) to streamline and standardize incident response workflows.
• Assist with the engineering, configuration, and ongoing buildout of Splunk ES, including onboarding new data sources, tuning correlation rules, and developing new detection use cases.
• Collaborate with other teams to support incident response, vulnerability management, and threat hunting activities.
• Conduct threat analysis, log analysis, and data enrichment using Splunk and other security tools.
• Participate in regular security reviews and audits, providing evidence and reporting as needed.
• Contribute to documentation and security process improvements.
• Stay up to date with emerging threats, vulnerabilities, and best practices in cybersecurity and SIEM technologies.
Required Qualifications:
• Active TS SCI w/ CI Poly Clearance
• Active DoD 8570 IAT Level II certification (e.g., Security+ CE, CCNA Security, CySA+, etc.).
• CSSP Auditor certification (e.g., CEH, CySA+, CISA, or equivalent).
• 2+ years of experience in government cybersecurity operations, security monitoring, or incident response.
• Proven hands-on experience with Splunk Enterprise Security (ES) for security monitoring and analysis.
• Strong knowledge of SIEM concepts, threat detection, and log correlation.
• Familiarity with common security frameworks (NIST, MITRE ATT&CK, etc.).
• Solid understanding of networking concepts, operating systems (Windows, Linux), and common attack techniques.
• Ability to interpret and analyze logs from firewalls, IDS/IPS, servers, endpoints, and other security devices.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent written and verbal communication skills.
Preferred Qualifications:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin, Splunk SOAR Certified Automation Developer).
• Experience with threat hunting and security automation (SOAR) tools.
• Knowledge of scripting (Python, PowerShell) for automation and enrichment tasks.
• Previous experience in a Security Operations Center (SOC) environment.
Company Description:
ASI has one of the lowest employee turnover rates in our industry. We attribute our retention success to factors that include:
- Technically interesting and challenging project work,
- Project work relevant to the missions of our government and commercial customers,
- Competitive salaries,
- World class benefit package,
- A corporate culture that promotes the welfare and development of our employees.
ASI seeks professionals with outstanding technical and operational qualifications who demonstrate an uncommon work ethic and a commitment to mission. We enjoy the benefits of an ethnically diverse workplace.
ASI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, gender, religion, age, disability, veteran's status, or any other classification as required by law.
To Apply and Learn More about Arion Systems:
ASI's Website: www.arionsys.com
Send your resume to: hr@arionsys.com