Description:

Performs a variety of routine project tasks applied to specialized information assurance problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. Analyzes information security requirements. Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. Provides security engineering support for planning, design, development, testing, demonstration, integration of information systems. Analyzes threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources. Creates customized dashboards using Security Information and Event Management (SIEM) tool Splunk ES to elevate high threat items to incident responders. Administration knowledge of the Splunk ES and backend database infrastructure related to upgrades and daily maintenance is essential. Provide analysis and make recommendations in line with the roles of CERT Incident Handlers (IH) and site Information Assurance Managers (IAM). Develop ES rules, reports, dashboards, data monitors, active channels, trends and use cases to identify threats and optimize data mining across DLA. Will research, plan, install, configure, troubleshoot, maintain and backup all components in the DLA Splunk Enterprise Log Management (ELM) architecture.

Minimum Experience:

 Seven (7) years of relevant IT experience

 DOD Secret Clearance

 Must be eligible for IT I

 Relevant certification meeting DOD 8570.01 IAT level III

 Relevant certification meeting DOD 8570.01 CND-IS

 Computing Environment: Linux+, Splunk Administrator

 Experience creating custom dashboards and reports in Splunk using threat data.

Experience in the integration and sustainment of Splunk Core and Splunk Enterprise Security (ES)

Skills:

security, splunk enterprise, SOAR, Network security, cyber security, forescout, splunk, F5, CISSP, Secret Clearance, SSBI, CEH

Top Skills Details:

security,splunk enterprise,SOAR,Network security

Additional Skills Qualifications:

this resource will be one of the primary resource in the DLA Cyber Tools team in engineering, configuring, maintaining and otherwise "owning" the tools in which they will specialize in (F5, Fore Scout, etc.); the day-to-day will be project as well as ticket-based work as it applies to the description

*We are NOT looking for someone who uses these tools as an analyst or incident responder. This person must have deployed, engineered, administered or managed splunk

Experience Level:

Expert Level

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.