Security Splunk Architect/Engineer - Olympia, United States - Nodel

    Description

    Location:
    Washington DC metro area (Hybrid)


    Must have an active Secret OR Top Secret Clearance

    We are seeking a Security Splunk Architect/Engineer to support a Navy enterprise network within the Engineering and Cyber Divisions.

    The candidate's primary responsibility is to maintain and enhance the existing Splunk infrastructure in the enterprise.

    Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.

    - Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture
    - Performs on-going security testing and code review to improve software security
    - Troubleshoots and debugs issues that arise
    - Provides engineering designs for new software solutions to help mitigate security vulnerabilities
    - Contributes to all levels of the architecture and maintains technical documentation
    - Consults team members on secure coding practices
    - Develops a familiarity with new tools and best practices
    - Designing, implementing, and maintaining SIEM and SOAR solutions
    - Design and implement threat detection, automate incident response processes, integration of various security tools with SIEM and SOAR platforms via APIs
    - Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices
    - Utilize expertise in Splunk 'Search' language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes
    - Build Splunk dashboards that take inputs from various data sources such as application logs / operating system logs / middleware logs / network feeds etc. and identify / highlight anomalous activities on the dashboards by their severity levels
    - Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards

    Requirements

    Qualifications:
    - Requires a BA or BS (Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering, or related field); relevant experience may be a substitute for education
    - Requires at least five (5) years of professional experience
    - Requires an active Secret OR TS/SCI
    - Requires experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security, and technologies
    - Requires experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk
    - Requires experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure
    - Requires experience building dashboards highlighting the key trends of the data
    - Requires proficiency within a Windows and Linux environment, editing and maintaining Splunk configuration files and apps
    - Experience in working in a Splunk clustered environment supporting SOC or NOC environment required
    - Experience with virtualization technologies required

    Preferred Certifications:
    - Splunk Architect, Splunk Admin
    - DoD 8570 Level 3 Certification

    Company Overview:
    Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
    Our Core Values help us in our mission. They include:

    OUR CORE VALUES
    - Identifying the RIGHT PEOPLE and developing them to their full capabilities
    - Our customer's 'Mission' is our 'Mission'. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
    - We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence
    - Our mantra is 'Simple*Secure*Speed' in the delivery of innovative services and solutions

    Benefits

    We are proud to offer competitive compensation and benefits packages to include:
    - Medical
    - Dental
    - Vision
    - Basic Life
    - Long-Term Disability
    - Health Saving Account
    - 401K
    - Three weeks of PTO
    - 10 Paid Holidays
    - Pre-Approved Online Training