Senior Cyber Security Engineer

Dexian Signature
Herndon, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Herndon, United States of America

Tech stack

Amazon Web Services (AWS)
CentOS
Configuration Management
Computer Security
Information Systems
Network Security
Linux Distribution
Role-Based Access Control
Red Hat Enterprise Linux - RHEL
Security Information and Event Management
Transmission Control Protocol (TCP)
Cloud Platform System
Operating System Security
Splunk
Vulnerability Analysis

Job description

  • Troubleshoot new and existing data collection issues to ensure accurate and reliable ingestion of security-relevant data.

  • Diagnose and resolve system issues that impact stability, performance, or usability.

  • Deploy, manage, and maintain supported and unsupported Splunk Add-ons required for specific data sources.

  • Develop and maintain documentation, including Body of Evidence (BOE) artifacts, engineering documentation, change management records, system security plans, and accreditation materials, as required.

  • Deliver a comprehensive Splunk deployment document detailing specifications, deployment methods, and architectural considerations for production environments.

  • Implement and maintain strict role-based access control to ensure data is accessible on a validated need-to-know basis.

  • Design and deploy Splunk forwarders using centralized configuration management through the Splunk Deployment Server to support rapid and consistent deployments.

Requirements

  • Bachelor's degree, or 4+ additional years of cyber experience in lieu of a degree.

  • 5+ years of experience in a cybersecurity role.

  • Experience with Security Information and Event Management (SIEM) platforms and/or Splunk.

  • Knowledge of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts.

  • Knowledge of Certification and Accreditation (C&A) processes.

  • Knowledge of DoD policy and technical security guidance for information systems.

  • DoD Directive 8570.1 IAT Level II or higher certification, or the ability to obtain within six (6) months.

  • Splunk certification is required. Preferred Qualifications:

  • Experience with Linux distributions, including Red Hat and CentOS.

  • Experience with AWS or other cloud environments.

  • Knowledge of ICS 500-27 audit collection requirements.

  • Familiarity with Enterprise Security Services, Host Based Security Services, Enterprise Vulnerability Scanning Services, and User Activity Monitoring (UAM).

  • Ability to modify feed creation to ingest customer logs in standardized formats to meet policy and compliance requirements. Clearance Requirements:

  • An active TS/SCI with Polygraph is required. Physical Requirements:

  • Must be able to remain in a stationary position 50% of the time.

  • Occasionally moves about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, or virtual communication, which may involve delivering presentations

Apply for this position