
Security - SOC Engineer

Employer
Quadrant Inc
Location
Arlington, VA
Closing date
Sep 29, 2022
SOC Engineer
Arlington, VA

MUST:
Active Secret clearance with the ability to obtain a Top-Secret clearance is required
Experienced Splunk Security Engineer
10+ years of relevant technical experience
5+ years of related systems engineering experience, primarily in a government environment, dealing with business-critical, high-availability systems
4+ years of experience querying and manipulating data
2+ years of experience with SPL and knowledge of data types, conditions, and regular expressions
2+ years of Splunk Application Administration experience
Experience implementing and operating Splunk or other big data platforms
Experience configuring and utilizing monitoring/logging and security analysis solutions
Understanding of system, network, and application security threats and vulnerabilities, with the ability to establish monitoring solutions
Experience creating advanced Splunk dashboards
Able to perform direct and advisory roles in oversight, planning, and implementation of projects and initiatives
Ability to identify different tactics and techniques of attacks
Strong log analysis skills
Strong knowledge of data analysis; experience implementing and monitoring security controls
Strong ability to identify logging and monitoring requirements
Understanding of TCP/IP and UDP protocols, network ports/protocols, and traffic flow
Understanding of Boolean logic and event correlation
Solid communication skills, both written and verbal; able to create, discuss, and explain technical documentation
Certified Splunk Power User or higher is required
Security+ CE or other 8570 IAT Level II certification is required
Bachelor's degree is required; additional years of experience may be accepted in lieu of a degree

DUTIES:
Responsible for utilizing tools such as Splunk to enhance monitoring capabilities and perform monitoring duties, as well as expanding on the security posture of the current environment
Supports Security Operations by threat hunting and security monitoring
Builds out processes and procedures, including documenting work in SOPs
Coordinates with internal and external teams to address threats and risks via investigation and forensic analysis
Develop custom dashboards, data models, reports, alerts, and performance optimization for Splunk
Develop complex queries using Splunk Query Language for use in advanced dashboards and alerts to promote advanced searching, forensics, and analytics
Recognize and on-board new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
Develop and document configuration standards, policies, and procedures for operating, managing, and ensuring the security of system infrastructure
Participate in incident, problem, and change management processes
Perform real-time cyber defense incident handling tasks (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) to support Incident Response Teams (IRTs)
Develop documentation on new or existing systems
Provide system/equipment/specialized training and technical guidance
Advise management and team members of risks associated with technologies and implementation approaches, and identify methods of risk mitigation
Support problem resolution and identify process improvements
Interface as needed at multiple levels of management, providing information in technical areas
Communicate with customers and teammates clearly and concisely
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
Notify designated managers, cyber incident responders, and cyber security service provider team members of suspected cyber incidents, and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security

Quadrant, Inc. is an equal opportunity and affirmative action employer. Quadrant is committed to administering all employment and personnel actions on the basis of merit and free of discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or status as an individual with a disability. Consistent with this commitment, we are dedicated to the employment and advancement of qualified minorities, women, individuals with disabilities, protected veterans, and persons of all ethnic backgrounds and religions according to their abilities.
