Splunk Administrator Level 4 with Security Clearance - Spyros Information & Technology Consulting, LLC
Annapolis Junction, MD 20701
About the Job
Duties:
• Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture.
• Performs on-going security testing and code review to improve software security.
• Troubleshoots and debugs issues that arise.
• Provides engineering designs for new software solutions to help mitigate security vulnerabilities.
• Contributes to all levels of the architecture and maintains technical documentation.
• Consults team members on secure coding practices.
• Develops a familiarity with new tools and best practices.
• Designing, implementing, and maintaining SIEM and SOAR solutions.
• Design and implement threat detection, automate incident response processes, and integrate various security tools with SIEM and SOAR platforms via APIs.
• Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices.
• Utilize expertise in Splunk "Search" language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes.
• Build Splunk dashboards that take inputs from various data sources such as application logs, operating system logs, middleware logs, network feeds, etc., and identify and highlight anomalous activities on the dashboards by their severity levels.
• Perform troubleshooting and provide assistance with the creation of Splunk search queries and dashboards.
• Systems Administration position on subcontract, willing to work with you on which one - Site System Admin-4 or Systems Administration - 4 (Lead System Administrator)
Location: Annapolis Junction, MD
Qualifications:
• Must possess Active Top Secret clearance with SCI eligibility
• Requires 8 to 10 years experience with BS/BA or 6 to 8 years experience with MS/MA or 3 to 5 years experience with PhD.
• Requires experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.
• Requires experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk.
• Requires experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure.
• Requires experience building dashboards highlighting the key trends of the data.
• Requires proficiency within a Windows and Linux environment, editing and maintaining Splunk configuration files and apps.
• Experience in working in a Splunk clustered environment supporting SOC or NOC environment required.
• Experience with virtualization technologies required.
• Splunk Architect, Splunk Admin
• DoD 8570 Level 3 Certification
Salary Range: The salary range for this position is $80,000 - $160,000. Final salary is commensurate with education and applicable years of experience.
Source : Spyros Information & Technology Consulting, LLC