SIEM Engineer/Splunk Certified Administrator, Senior
Annapolis Junction, Maryland
Full Time Senior-level / Expert Clearance required USD 102K - 191K *
Navstar Inc.
Would you like to perform rewarding work while contributing to the success of an established, growing company? Navstar is an award-winning organization that has a proven track record of successfully providing IT services and solutions both as a prime and sub-contractor on mission focused IT programs. Our employees are integral players in support of mission-critical programs focused on our National Security.
Role Description:
The selected candidate will be responsible for configuring the collection, parsing, correlation, and visualization of events for a critical operational system. She/he will demonstrate strong skills in system administration, log management, event correlation, and threat detection and will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine if the systems being monitored are operating normally. The individual will work on a team responsible for configuring the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. She/he will also support the integration of resources across teams to better define the audit data being collected to eliminate false positives and false negatives from the data.
Required Skills and Qualifications:
- Qualified candidates must possess an active TS/SCI with polygraph clearance to be considered.
- At least 8 years of related experience.
- At least 2 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
- Must have Splunk Enterprise Certified Admin Certificate or higher.
- Experience in design, implementation, and support of Splunk core components, including: indexers, forwarders, search heads, and cluster managers.
- Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
- Experience with troubleshooting Splunk dataflow issues between the various Splunk core components.
- Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
- Experience creating Dashboards and Analytics within SIEM tools.
- Experience working with monitoring systems supporting auditing, incident response, and system health.
- Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
- The ability to troubleshoot issues with log feeds, search time, and field extractions.
- The ability to troubleshoot problems related to data solutions.
Desired Skills and Qualifications:
- Bachelor's Degree in Computer Science, Engineering, Information Assurance, or a related discipline.
- Network Security Operations Center (SOC) experience.
- Experience and talent in data visualization.
- Experience creating workflows for Incident Response within a SIEM Tool.
- Security+ Certification.
- GIAC Certified Incident Handler Certification.
- GIAC Cyber Threat Intelligence Certification.
- Cybersecurity certifications.
- Formal SIEM training.
- Experience working on an Agile team/program.
About Navstar
For 20 years Navstar has provided high-quality Innovative Technology Services and Solutions throughout the Intelligence Community. We would not have achieved the success we have without the best AllStar team; this is not just a place to work, Navstar is a community. At Navstar everything we do revolves around listening to both our customers and employees, delivering the results they expect, and being a trusted partner as both a prime and subcontractor. We have proven track record of successfully providing innovative technology services and solutions on highly mission-focused programs; all while enjoying what we do at the same time. Security is our priority; together, we will make the nation a safer place.
Benefits at Navstar
- Highly Competitive Health Care Premiums, including 100% employer paid for employee
- Flexible Spending Accounts for Medical and Dependent Care
- Generous PTO and Federal Holiday Paid Leave
- Employer Paid STD/LTD
- Employer Paid Life Insurance
- 401K plan and Employer Match
- Referral and Opportunity Referral Programs
- Professional Development Assistance
EOE/M/F/Vet/Disabled
Navstar, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, age, religious beliefs, national origin, disability, U.S. veteran status, or any other legally protected characteristics under federal, state or local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics ArcSight Audits Clearance Computer Science GCTI GIAC Incident response Monitoring Network security Polygraph SIEM SOC Splunk Threat detection Threat intelligence Tripwire TS/SCI
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Medical leave Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.