Splunk Onboarding Lead (Government)

Employer
AlienVault
Location
Chantilly, VA
Posted
Sep 21, 2022
Closes
Sep 30, 2022
Ref
666167834
Function
Accountant, IT
Hours
Full Time
AT&T Global Public Sector is a trusted provider of secure, IP-enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing, and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values, and dedicated to our customers' mission.Our Cyber Security Team supports the customer by investigating, analyzing, and mitigating cybersecurity incidents that attempt to breach the Customer's network infrastructure, applications, and operating systems.AT&T has an opening for a Splunk Onboarding Leadto support the Grimlock contract.The job duties of the Splunk Onboarding Lead are as follows:Perform tasks and complete customer requests using the ServiceNow delivery platform.Resolve incident tickets issued through ServiceNow.On-board customer's assets consisting of operating systems, applications and network devices in multiple enclaves.Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.Lead the exploration of emerging technologies by arranging demonstrations, providing technical evaluations, and input to the customer's roadmap development. Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline. Assist the Program/Project engineers in testing and implementing future enhancements.Utilize, evaluate and update all engineer instruction sets and SOPs.Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.Perform various Linux and Windows systems administration tasks related to the operational system.Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished. Operate and multitask in a dynamic high tempo environment. Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline. Perform work duties in a government environment as part of a multi-contractor team. Facilitate the enablement, collection, and verification of customer data within SIEM tools.Develop SIEM search queries to support Enterprise Audit service requirements.Ability to learn custom audit solutions with advanced parsing techniquesLead and coordinate Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedbackRequired Clearance:TS/SCI with poly (#ts/sci) (#polygraph)Required Qualifications:A minimum of 5+ years overall relevant experience and a Bachelor's degree or an Associates degree and 7+ years relevant experience or 9+ years overall relevant experience with no degree.IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification within 6 monthsThe ideal candidate will be able to work independently and be able to take on tasks quickly with minimal direction. Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.A solid understanding of Windows and Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required. Familiarity with the Certification & Accreditation process is preferable but not requiredDesired Qualifications:Splunk CertificationsAbility to learn and comprehend from provided training in an individual contributor and team capacity. Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.Experience with Linux, Windows Server and workstations, Red Hat and CentOS.Cloud environment experience and/or certifications.Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.Familiarization with ICS 500-27 for Audit collection requirementsFamiliarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAMAbility to clearly articulate ideas for executive - level as well as technical staff consumptionAnalytical capability to look for and provide input on process improvementsMust be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.Ready to join our team? Apply Today Job ID 2229903 Date posted 06/08/2022

Similar jobs