Posted today
Secret
IT - Security
New Orleans, LA (On-Site/Office)
CYBER ENGINEER (Splunk Analyst) - A SECRET CLEARANCE IS A MUST HAVE TO START
The Navy Standard Integrated Personnel System (NSIPS) is seeking a Cyber Engineer/Splunk Analyst to join their team. NSIPS is the Navy's single, field-entry, electronic pay and personnel system for all USN/USNR Sailors.
As the Cyber Analyst you will:
- Design, develop, test, and evaluate information system security throughout the systems development life cycle
- Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
- Evaluate firewall change requests and assess organizational risk
- Communicate alerts to teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems
- Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
- Implement, enforce, communicate, and develop security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
- Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance
- Prepare incident reports of analysis methodology and results
- Implement approved Splunk SaaS architecture and design
- Support and maintain high availability for SaaS Splunk deployments
- Maintain Splunk architectural diagrams and documentation
- Ensure compliance with regulations and privacy laws
- Perform DoD system certification and accreditation activities as prescribed by IA leadership
- Develop and document IA processes and procedures for the environment as necessary
- Use encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
- DISA Security Technical Implementation Guidelines (STIG) for an operational DoD environment, including scheduling, validation, remediation, and reporting
- Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented
Basic Qualifications:
- BS degree; 3 additional years of experience may be considered in lieu of a degree
- 1-2+ years of experience with log sources, including various network, host, and application logs
- 1-3+ years of experience in utilizing SIEM for log analysis, monitoring, and investigation
- 1-2+ years of experience identifying attacker tactics, techniques, and procedures
- 1-2+ years of experience using threat intelligence to find suspicious activities proactively and iteratively in available security telemetry
- 1-2+ years of experience working in a Security Operations Center (SOC) environment
- 1-3+ years of hands-on experience writing and optimizing detection queries using various query languages, particularly in SPL for Splunk
- Demonstrated understanding of modern attack patterns and threat landscape
- Demonstrated excellent analytical and problem-solving skills with the ability to identify and mitigate security risks
- 1-2+ years of experience in intrusion detection, security investigations, and incident response
- 1-3+ years of experience and working knowledge of Splunk Enterprise Security platform
- 1-2+ years of experience in Detection Engineering or Digital Forensics with broad knowledge of security domain
- 1-2+ years of experience with KQL for Microsoft Defender EDR
- Demonstrated expertise in EDR, email security, and securing SaaS applications
- DOD 8570 IA Level II Certification required (i.e. Security+ CE); CISSP, CISA, and CISM certifications preferred.
- SECRET CLEARANCE REQUIRED TO START
Telecommuting Options:
- Remote
GDIT IS YOUR PLACE:
• Full-flex work week to own your priorities at work and at home
• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays