Job Requirements
Chantilly, VA
Top Secret/SCI CI Polygraph
Mid Level Career (5+ yrs experience)
$125,000 - $135,000
Job Description
Responsibilities include but are not limited to:
• Troubleshoot new and existing data collection issues to ensure accurate and reliable ingestion of
security-relevant data.
• Diagnose and resolve system issues that impact stability, performance, or usability.
• Deploy, manage, and maintain supported and unsupported Splunk Add-ons required for specific
data sources.
• Develop and maintain documentation, including Body of Evidence (BOE) artifacts, engineering
documentation, change management records, system security plans, and accreditation
materials, as required.
• Deliver a comprehensive Splunk deployment document detailing specifications, deployment
methods, and architectural considerations for production environments.
• Implement and maintain strict role-based access control to ensure data is accessible on a
validated need-to-know basis.
• Design and deploy Splunk forwarders using centralized configuration management through the
Splunk Deployment Server to support rapid and consistent deployments.
Minimum Qualifications:
• Bachelor’s degree, or 4+ additional years of cyber experience in lieu of a degree.
• 5+ years of experience in a cybersecurity role.
• Experience with Security Information and Event Management (SIEM) platforms and/or Splunk.
• Knowledge of Linux systems administration, general operating system security practices, TCP/IP
networking, and network security concepts.
• Knowledge of Certification and Accreditation (C&A) processes.
• Knowledge of DoD policy and technical security guidance for information systems.
• DoD Directive 8570.1 IAT Level II or higher certification, or the ability to obtain within six (6)
months.
• Splunk certification is required.
Preferred Qualifications:
• Experience with Linux distributions, including Red Hat and CentOS.
• Experience with AWS or other cloud environments.
• Knowledge of ICS 500-27 audit collection requirements.
• Familiarity with Enterprise Security Services, Host Based Security Services, Enterprise
Vulnerability Scanning Services, and User Activity Monitoring (UAM).
• Ability to modify feed creation to ingest customer logs in standardized formats to meet policy and
compliance requirements.
Clearance Requirements:
• An active TS/SCI with Polygraph is required.
Physical Requirements:
• Must be able to remain in a stationary position 50% of the time.
• Occasionally moves about inside the office to access file cabinets, office machinery, or to
communicate with co-workers, management, and customers via email, phone, or virtual
communication, which may involve delivering presentations
• Troubleshoot new and existing data collection issues to ensure accurate and reliable ingestion of
security-relevant data.
• Diagnose and resolve system issues that impact stability, performance, or usability.
• Deploy, manage, and maintain supported and unsupported Splunk Add-ons required for specific
data sources.
• Develop and maintain documentation, including Body of Evidence (BOE) artifacts, engineering
documentation, change management records, system security plans, and accreditation
materials, as required.
• Deliver a comprehensive Splunk deployment document detailing specifications, deployment
methods, and architectural considerations for production environments.
• Implement and maintain strict role-based access control to ensure data is accessible on a
validated need-to-know basis.
• Design and deploy Splunk forwarders using centralized configuration management through the
Splunk Deployment Server to support rapid and consistent deployments.
Minimum Qualifications:
• Bachelor’s degree, or 4+ additional years of cyber experience in lieu of a degree.
• 5+ years of experience in a cybersecurity role.
• Experience with Security Information and Event Management (SIEM) platforms and/or Splunk.
• Knowledge of Linux systems administration, general operating system security practices, TCP/IP
networking, and network security concepts.
• Knowledge of Certification and Accreditation (C&A) processes.
• Knowledge of DoD policy and technical security guidance for information systems.
• DoD Directive 8570.1 IAT Level II or higher certification, or the ability to obtain within six (6)
months.
• Splunk certification is required.
Preferred Qualifications:
• Experience with Linux distributions, including Red Hat and CentOS.
• Experience with AWS or other cloud environments.
• Knowledge of ICS 500-27 audit collection requirements.
• Familiarity with Enterprise Security Services, Host Based Security Services, Enterprise
Vulnerability Scanning Services, and User Activity Monitoring (UAM).
• Ability to modify feed creation to ingest customer logs in standardized formats to meet policy and
compliance requirements.
Clearance Requirements:
• An active TS/SCI with Polygraph is required.
Physical Requirements:
• Must be able to remain in a stationary position 50% of the time.
• Occasionally moves about inside the office to access file cabinets, office machinery, or to
communicate with co-workers, management, and customers via email, phone, or virtual
communication, which may involve delivering presentations
group id: 10110693a