Cybersecurity Engineer with Security Clearance

---

Job description

Responsibilities include, but are not limited to:
• Perform tasks and complete customer requests using the ServiceNow delivery platform.
• Resolve incident tickets issued through ServiceNow.
• On-board customer's assets consisting of operating systems, applications and network devices in multiple enclaves.
• Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.
• Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline. • Assist the Program/Project engineers in testing and implementing future enhancements.
• Utilize, evaluate and update all engineer instruction sets and SOPs.
• Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.
• Troubleshooting new and current data collection issues
• Troubleshooting system issues that make the system unstable or unusable.
• Deployment and Managing all supported and unsupported Splunk Add-ons that are required for specific data sources
• Integrations with other systems via API or other similar methods
• Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
• Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
• Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
• Forwarder Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server). • Oversee Knowledge Object Management such as CIM management and tuning
• Oversee Enterprise Security configurations and tuning
• Experience in the use of network monitoring tools with a strong understanding of network protocols
• Ability to perform security analysis, development and implementation of security policies, standards and guidelines
• Ability to work collaboratively
• Strong Organizational skills are required Basic Qualifications:
• Minimum Education: B.S. or relevant experience in related field.
• Minimum/General Experience: 3-5 years of related experience.
• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
• The ideal candidate will be able to work independently and in team environments and be able to take on tasks quickly with minimal direction. • Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.
• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.
• Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.
• A good understanding of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required. • Familiarity with the Certification & Accreditation process is preferable but not required. Advanced Qualifications:
• Ability to learn and comprehend from provided training in an individual contributor and team capacity.
• Splunk Certifications
• Experience with Linux, Red Hat and CentOS.
• Cloud environment experience and/or certifications.
• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
• Familiarization with ICS 500-27 for Audit collection requirements
• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAM
• Ability to clearly articulate ideas for executive - level as well as technical staff consumption
• Analytical capability to look for and provide input on process improvements
• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities. Security Clearance Requirements:
• TS/SCI w/CI Poly Physical Requirements:
• Must be able to remain in a stationary position 50%
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
• The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

<!– job description page –>