Cyber Data Engineer

TEKSYSTEMS INC.
Lackland Air Force Base, United States of America
yesterday

Role details

Contract type
Contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Lackland Air Force Base, United States of America

Tech stack

Java
Microsoft Windows
Bash
Botnet
Unix
C++
Apache Lucene
Computer Security
Computer Programming
Databases
Software Debugging
Linux
Networking Hardware
Intrusion Detection Systems
Python
Network Security
Lookup Table
Open Web Application Security
Powershell
Red Hat Enterprise Linux - RHEL
Regular Expressions
Security Information and Event Management
XML
Snort (Software)
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
QRadar
Sonicwall
Malware
Firewalls (Computer Science)
Palo Alto Networks
Data Analytics
Patch Management
Free and Open-Source Software
Fortinet
Splunk
Vulnerability Analysis
Programming Languages

Job description

Write and develop scripts to automate the system installation of required patches and configurations to remediated identified system vulnerabilities. Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls. (CDRL A007) Develops basic new cybersecurity capabilities. (CDRL A007) Develop new and maintain existing Splunk, ELK or other search/analytics tool's knowledge objects (Saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements. (CDRL A007) Ensure critical data feeds and hosts are sending data. Develop, debug and maintain scripting languages. Create, install and test vulnerability fixes to Windows and Unix/Linux platforms. Assist/lead in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture. Perform systems security engineering and test efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components. Develop vulnerability reports and investigation impact, resolution and verification of security vulnerabilities and patches; as well as, performing deep-dive and impact analysis into failed patch deployments. (CDRL A008) Develop and provide regular reports on patch management program and overall status of patch compliance. (CDRL A008) Perform and provide vulnerability assessment results and recommendations to the ESM Lead, and DO as necessary. Assess known systems vulnerabilities and verify system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists with no more than a 5% error rate. Document, implement and prioritize patching requirements across the AFIN/AFNet enterprise. (CDRL A008) Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate. Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002) Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009). Support operational leaderships tasking as it relates to Systems Security Engineer functions and responsibilities

Requirements

** Must have an Active TS/SCI** **Must have Masters Degree Must have IAT Level II Cert.

  1. Splunk Processing language, ELK
  2. Programing/ scripting fundamentals
  3. Understanding of SIEM "Search" Language & Lucene Query Syntax and Dashboards, Active TS/SCI More than 3 years of relevant work experience. BA/BS or MA/MS Proficient w/ Splunk Processing Language (SPL), ELK Lucene Query Syntax or other search/analytics tool. Proficient with programming/scripting fundamentals - including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell is required. Linux+/Red Hat; RHEL 7. More than three (3) years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, frontline analysis, and response. Understanding of SIEM "Search" Language & Lucene Query Syntax. Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes. Knowledge of knowing how to customize Dashboards via the XML source. Experience with SIEM Apps and ELK. Experience with Python Scripting. Programming experience in Python, C/C++, Java, or Go. Demonstrated expertise with malware analysis, including investigations of botnet and root-kit behavior. Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography). Network Security Devices (IDS/IPS, NGFW, WAF, NGAV). OSSEC, Snort, Suricata Experience. Experience with at least one SIEM i.e Alienvault, Logrhythm, Splunk, Qradar , ELK and Firewalls such as Fortinet, Sonicwall, and Palo Alto. Scanning technologies, Log collection and analysis tools (SIEM). Experience with Scripting/Programming Languages (BASH, Python, Java, etc). Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects).

********************************************************************************************************* * This position requires an active DoD Clearance (Secret, Top Secret, Top Secret/SCI) or the ability to be obtain an (Interim Secret, Interim Top Secret)

  • Because an active or interim DoD clearance is required, U.S. Citizenship is required

Benefits & conditions

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: -Medical, dental & vision -Critical Illness, Accident, and Hospital -401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available -Life Insurance (Voluntary Life & AD&D for the employee and dependents) -Short and long-term disability -Health Spending Account (HSA) -Transportation benefits -Employee Assistance Program -Time Off/Leave (PTO, Vacation or Sick Leave)

Apply for this position