Cloud Security Engineer

Knight Federal Solutions, Inc.

Today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
No Traveling
IT - Security
Eglin AFB, FL (Off-Site/Hybrid)

Role Responsibilities:

Develop and implement automation and efficiencies with Splunk and create workflows
Oversee application architecture and deployment in cloud platform environments
Manage application availability and performance, and proactively find performance bottlenecks
Enable integration of Splunk Core and Splunk ES and development of the single pane of glass dashboard
Perform monitoring and security incident triage through the review of SIEM events, network traffic data collection, endpoint activity logs
Develop and implement Apps & Knowledge Objects (KO) such as dashboards, reports, and data models, as well as actionable alerts and workflows for Splunk as a cybersecurity monitoring tool
Implement best-in-class engineering strategies to support a distributed clustered Splunk environment consisting of Search Heads, Indexers, Forwarders, and the Splunk Enterprise Security (ES) app, spanning security, performance, engineering, and operational roles
ACAS/Nessus scanning with SIEM/Splunk to configure and operate SIEM, create dashboards and reports; incident handling procedures
Work closely with other teams and business stakeholders to gather requirements, perform troubleshooting, provide assistance with the creation of Splunk search queries and dashboards, and design automated solutions for performance, privacy, and compliance
Be the engineering voice in helping recognize and onboard new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data

Requirements:
2+ years working with Splunk or Lambda
2+ years of using information security and assurance practices and principles
3+ years of experience with Special Access Programs
3+ years of Enterprise system engineering and administration
Relevant Associate’s or Bachelor’s degree, or supporting certifications and 4 years of relevant job or military experience in lieu of a degree
DoD 8570 IAT Level II certification or higher (Sec+, CISSP, CASP, etc.) or DoD 8140 equivalent
Must hold an active DoD Top Secret Security clearance with SCI eligibility. Must be willing to undergo a polygraph examination.

Preferred Requirements:

Splunk Enterprise Certified Architect, Splunk Enterprise Security Certified Admin, Splunk Core Certified Consultant
Experience working in a cloud environment, preferably AWS GovCloud
Experience working in a DevSecOps project environment
Ability to work cross-functionally with application teams to modernize applications where appropriate and support cloud integration efforts with Splunk
Strong verbal and written communication skills
Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers
Ability to interface with seasoned Government personnel
Ability to work in a matrixed team environment and support multiple different efforts as needed
Desire to learn new technologies and tools and willing to share your experience with the team
JSIG or ICD 503 compliance knowledge