Req ID: RQ213445
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Secret
Public Trust/Other Required: None
Job Family: Cyber and IT Risk Management
Skills:
McAfee Host Intrusion Prevention,McAfee Network Security,Splunk Administration,Splunk Enterprise Security,Splunk Infrastructure Monitoring
Certifications:
AWS Certified AI Practitioner | Amazon Web Services (AWS) - Amazon Web Services (AWS), Splunk Core Certified Advanced Power User | Splunk - Splunk, Splunk Core Certified Power User | Splunk - Splunk
Experience:
3 + years of related experience
US Citizenship Required:
Yes
Job Description:
CYBER ENGINEER (Splunk Analyst)- A SECRET CLEARANCE IS A MUST HAVE TO START
The Navy Standard Integrated Personnel System (NSIPS) is seeking a Cyber Engineer/Splunk Analyst to join their team. NSIPS is the Navy's single, field-entry, electronic pay and personnel system for all USN/USNR Sailors.
As the Cyber Analyst you will:
Designs develop, test, and evaluate information system security throughout the systems development life cycle
Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
Evaluate firewall change requests and assess organizational risk
Communicates alerts to teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance
Prepares incident reports of analysis methodology and results
Implement approved Splunk SaaS architecture and design
Support and maintain high availability for SaaS Splunk deployments
Maintain Splunk architectural diagrams and documentation
Ensure compliance with regulations and privacy laws
Perform DoD system certification and accreditation activities as prescribed by IA leadership
Develop and document IA processes and procedures for the environment as necessary
Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
DISA Security Technical Implementation Guidelines (STIG) for an operational DoD environment, including scheduling, validation, remediation, and reporting
Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented
Basic Qualifications:
BS degree; 3 additional years of experience may be considered in lieu of a degree
1-2+ years of experience with log sources, including various network, host, and application logs
1-3+ years of experience in utilizing SIEM for log analysis, monitoring, and investigation
1-2+ years of experience identifying attacker tactics, techniques, and procedures
1-2+ years of experience using threat intelligence to find suspicious activities proactively and iteratively in available security telemetry
1-2+ years of experience working in a Security Operations Center (SOC) environment
1-3+ years of hands-on experience writing and optimizing detection queries using various query languages, particularly in SPL for Splunk
Demonstrated understanding of modern attack patterns and threat landscape
Demonstrated excellent analytical and problem-solving skills with the ability to identify and mitigate security risks
1-2+ years of experience in intrusion detection, security investigations, and incident response
1-3+ years of experience and working knowledge of Splunk Enterprise Security platform
1-2+ years of experience in Detection Engineering or Digital Forensics with broad knowledge of security domain
1-2+ years of experience of KQL for Microsoft Defender EDR
Demonstrated expertise in EDR, email security, and securing SaaS applications
DOD 8570 IA Level II Certification required (i.e. Security+ CE); CISSP, CISA, and CISM certifications preferred.
SECRET CLEARANCE REQUIRED TO START
Telecommuting Options:
Remote
GDIT IS YOUR PLACE:
? Full-flex work week to own your priorities at work and at home
? 401K with company match
? Comprehensive health and wellness packages
? Internal mobility team dedicated to helping you own your career
? Professional growth opportunities including paid education and certifications
? Cutting-edge technology you can learn from
? Rest and recharge with paid vacation and holidays
The likely salary range for this position is $85,093 - $109,342. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
