Yesterday
Top Secret/SCI
Mid Level Career (5+ yrs experience)
$150,000 and above
No Traveling
CI Polygraph
IT - Security
Denver, CO (On-Site/Office)
Senior Principal Cyber Security Engineer
Denver, CO.
Responsibilities include but are not limited to:
•
Troubleshoot new and current data collection issues
•
Troubleshoot system issues that make the system unstable or unusable.
•
Deploy and manage all supported and unsupported Splunk Add-ons that are required for specific data sources
•
Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
•
Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
•
Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
•
Forward Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).
Minimum Qualifications
• Bachelor’s degree or 4+ additional years of cyber experience in lieu of degree
• 10+ years of experience in a cyber role
• Experience with Security Information and Event Management (SIEM) platforms, and/or Splunk
• Knowledge of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts
• Knowledge of Certification & Accreditation processes
• Knowledge of DoD policy and technical security guidance to information systems
• DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
• Splunk Certification is required
Preferred Qualifications:
• Experience with Linux, Red Hat and CentOS
• Experience with AWS or other cloud environments
• Knowledge of ICS 500-27 for Audit collection requirements
• Knowledge of Enterprise Security Services, Host Base Security Service, Enterprise Vulnerability Scanning Service, and UAM
• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
Security Clearance Requirements:
•
Must have a current/active TS/SCI w/Polygraph
Denver, CO.
Responsibilities include but are not limited to:
•
Troubleshoot new and current data collection issues
•
Troubleshoot system issues that make the system unstable or unusable.
•
Deploy and manage all supported and unsupported Splunk Add-ons that are required for specific data sources
•
Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
•
Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
•
Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
•
Forward Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).
Minimum Qualifications
• Bachelor’s degree or 4+ additional years of cyber experience in lieu of degree
• 10+ years of experience in a cyber role
• Experience with Security Information and Event Management (SIEM) platforms, and/or Splunk
• Knowledge of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts
• Knowledge of Certification & Accreditation processes
• Knowledge of DoD policy and technical security guidance to information systems
• DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
• Splunk Certification is required
Preferred Qualifications:
• Experience with Linux, Red Hat and CentOS
• Experience with AWS or other cloud environments
• Knowledge of ICS 500-27 for Audit collection requirements
• Knowledge of Enterprise Security Services, Host Base Security Service, Enterprise Vulnerability Scanning Service, and UAM
• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
Security Clearance Requirements:
•
Must have a current/active TS/SCI w/Polygraph
group id: 10110693a
