No more applications are being accepted for this job
- Participate in developing security-focused content for our Splunk implementations across the four classified Department of Defense (DoD) networks
- Leverage automation techniques and develop scripts to manipulate data repositories to support data and threat analysis
- Deploy and handle Splunk indexers, search heads, forwarders, and other Enterprise components within the distributed environments
- Assist with the Assessment and Authorization (A&A) of the Splunk environment
- Review systems to identify potential security weaknesses, recommend improvements, and implement changes
- Work with existing and custom Splunk applications and add-ons to meet compliance requirements
- Leverage programming skills (e.g., CSS, HTML, JavaScript, Python, shell scripting) to automate security tools management
- Track and implement responses and actions to address operational and communication orders from governing organizations
- A BS degree in Computer Science, Management Information Systems, Computer Information Systems, Information Assurance, or comparable field or equivalent years of professional relevant
- 2+ years of Security Engineering experience working with DoD IT enclaves, systems, and solutions
- 1+ years of experience with application and OS enterprise logging, managing, creating rule sets and threat detection logic in Splunk
- Splunk Search Processing Language (SPL) and Regular Expression expertise
- Splunk Core Certified Advanced Power User certification
- Hold an active Secret security clearance with the ability to obtain a Top-Secret clearance
- Are able to work occasional weekends and other after-hours to handle and/or complete critical project/work-related business needs.
- Strong communication and presentation skills
- Intermediate expertise with Red Hat Enterprise Linux (RHEL) version 8 and 9
- 3+ years of experience leveraging Splunk or audit logs for incident response and user behavior analytics
- Experience reviewing network, host and firewall security logs
- Experience with using scripting languages such as CSS, HTML, JavaScript, Python, and shell scripting to automate tasks and manipulate data
- Experience with Splunk Machine Learning Toolkit (MLTK)
- Splunk Enterprise Certified Admin or Splunk Enterprise Certified Architect
- Current industry certification aligned to DoD Manual 8570, 01-M for IAT II
Splunk Administrator with Security Clearance - Laurel, MD, United States - Johns Hopkins University Applied Physics Laboratory
Description
Are you searching for exciting and impactful work supporting several diverse Classifiednetworks? Are you a self-starter that is passionate about crafting visualizations, reports and charts? If so, we're looking for someone like you to apply and join our team at APL The Splunk Administrator will be a valued member of the team with overall responsibility for engineering, operating, and managing the Splunk Enterprise environment across five classified security enclaves
We provide technical expertise to meet compliance and security objectives across networked environments that require Audit and Logging Operations, Incident Identification and Response Coordination
Each environment consists of Splunk forwarders, indexers, search heads, centralized log servers, with varying data ingests
You will lead operational responsibilities to include security and overall performance management of the environment
As a Splunk Administrator, you will...
Assist with architecting log management, and data ingest solutions to ensure they are scalable and efficient
Analyze and make recommendations for Risk Management Framework (RMF) compliance requirements.
Perform risk assessments along with Security Test & Evaluations (ST&E) of Splunk components and, ensure network computer systems align with the Information Assurance Vulnerability Management (IAVM) standards.
Work with the Vulnerability Management team to remediate findings from Assured Compliance Assessment Solution (ACAS)/Nessus and Host-Based Security Solution (HBSS) scans and other automated and manual assessment tools such as DoD Security Technical Implementation Guides (STIGs).
Identify data accessed, destination and source addresses, timestamps, user login information, and specific sequence of activities to formulate courses of action and/or responses
Qualifications You will meet the minimum requirements if you have...
Eligibility requirements include U.S
citizenship.
We offer a vibrant, innovation ecosystem where you can feel safe to share ideas and to continue to grow personally and professionally
At APL, we celebrate our differences and encourage creativity and bold, new ideas and have earned Best Places to Work accolades in outlets such as Fast Companies and Glassdoor
Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance
APL's campus is located in the Baltimore-Washington metro area
Learn more about our career opportunities at
About Us APL is an Equal Opportunity/Affirmative Action employer
All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law
APL is committed to promoting an innovative environment that embraces diversity, encourages creativity, and supports inclusion of new ideas
In doing so, we are committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities
If you require a reasonable accommodation to participate in any part of the hiring process, please contact
Only by ensuring that everyone's voice is heard are we empowered to be bold, do great things, and make the world a better place.