Job Description ECS is seeking a
Sr Splunk Specialist (
Cyber Security Engineer SME III) to work on our customers site located in
Alexandria, VA or Seaside, CA. Please Note: This position is contingent upon contract award. ECS is seeking a Sr Splunk Specialist (Cyber Security Engineer SME III) to work in
Alexandria , VA or
Seaside, CA where you will be supporting DMDC. This is a team lead position responsible for overseeing and working directly with a team of Splunk Engineers and Analysts to analyze, triage, and support data transformation initiatives. This role is at the forefront of enhancing our client's security data environment to provide optimal up time of the platform.
We are currently seeking a skilled Splunk Specialist who possesses a keen interest in expanding their expertise to encompass Splunk technologies. This role offers an exciting opportunity for individuals eager to delve into the dynamic realm of Splunk Operations and Development while leveraging existing proficiency in technologies across Systems and Cyber.
- Serve as the Lead Splunk Engineer and Analyst.
- Lead and manage the continued deployment, expansion, and day-to-day maintenance and administration of Security Information & Event Management (SIEM) operations.
- Maintain operational proficiency of Splunk servers, forwarders, indexers and search heads.
- Conduct Assessments and support system components according to DISA STIGs, Security Requirements Guides (SRG), and applicable DoD orders and directives
- Build use cases and dashboards depending on requirements.
- Work closely with the Incident Response team on handling incident and problem management for the SIEM infrastructure.
- Facilitate the integration of new data sources into the SIEM.
- Develop detailed security design documentation for component and interface specifications to support system design and development.
- Track, measure and evaluate logging security posture across the enterprise.
- Mentor analysts and engineers on Splunk technologies and components.
- Candidate may also provide general technical cybersecurity support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. Additional general duties include implementation and support for protecting the confidentiality, integrity and availability of sensitive information; providing input into the design of IS contingency plans; and conducting testing and audit log reviews to evaluate the effectiveness of current security measures.
Salary Range: $160,000 - $180,000
General Description of Benefits
Required Skills Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI) - Active DoD 8570 IAT Level 2 or Level 3 certification for compliance, including at least one of the following certifications in good standing: CompTIA CISA+, CompTIA Security, ISC2 CISSP, ISC2 CCSP, or ISC2 SSCP
- Computing Environment Certification
- Bachelor's degree and 10+ years of Information Technology or Cybersecurity related experience
- Subject matter expertise in Splunk and Splunk Enterprise Security, with proven experience designing, configuring, deploying, monitoring, and optimizing log management in a distributed, complex enterprise
- Experience delivering Tier-3 cybersecurity support, including resolving critical issues, mentoring junior personnel, and performing post mortem analysis to identify, document, and implement lessons learned within a continuing quality improvement framework
- Comprehensive awareness of IT operations business requirements, with the ability to deliver cyberhardening and cybersecurity requirements while not degrading system availability, functionality, or performance
- Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
- Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
- Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
- Knowledge of DoD cybersecurity policies, practices, and requirements
- Strong organizational skills
Desired Skills - Splunk Certified
- CISSP, CASP, CEH certifications
- Systems architecture, engineering, and networking experience, with computing environment certifications
- Experience in threat, vulnerability, and risk management and mitigation
- Cybersecurity incident response experience
- Proven experience supporting all aspects of diverse endpoint systems
- Knowledge of and experience administering, optimizing, and securing cloud environments
- Expert knowledge of and experience configuring, optimizing, troubleshooting, securing, scanning, and penetration testing endpoint systems, including Windows workstations, Windows servers, and Linux servers
- Experience applying troubleshooting techniques across various server, application, and network technologies
#ECS1
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
Never miss an opportunity! Create an alert based on the job you applied for.
