Security Tools Engineer, Senior
By Light is seeking a Senior Security Tools Engineer to join our team in a proposal to support the US Citizenship and Immigration Services (USCIS) with Cyber Security Defense Services (CSDS). The scope of the project involves protecting USCIS' IT infrastructure and resources, information systems, and the information used in these environments from cybersecurity threats.
Current SEB operations include: deploying and operating cyber security tools, reviewing USCIS source code, assessing the security and effectiveness of USCIS systems, security tools and processes, providing security engineering expertise to other OIT divisions, securing USCIS networks, operating the USCIS vulnerability management program, and developing and deploying solutions to automate security compliance for USCIS systems hosted in cloud environments.
Our team will assess, architect, implement, deploy, and operate solutions for capturing security-relevant information (e.g., log data, NetFlow data), and analyzing it to identify markers, patterns, and anomalies that indicate intrusions, lateral movement, command and control, data exfiltration, or other security issues. We will operate the USCIS Security Event and Incident Management (SIEM) tool, and work collaboratively with development and operational teams to set and implement standards for logging. The system currently in use is Splunk Enterprise.
Minimum of 8 years of experience in IT security, and 5 years of specialized experience in implementing enterprise security products and solutions.
A Bachelor's or Master's degree in Computer Science, Information Management or Engineering, or other comparable degree or comparable experience.
Experience leading the deployment and operation of vulnerability assessment tools, such as Tenable Security Center or BeyondTrust Retina, at a large enterprise.
Experience leading the deployment and operations of a large, complex, endpoint security installation at a large enterprise (McAfee ePolicy Orchestrator, Symantec Protection Suite, Microsoft Defender ATP, etc.).