Performs a variety of routine project tasks applied to specialized information assurance (IA) problems. Tasks involve integrating electronic processes or methodologies to resolve total-system problems, or technology problems as they relate to IA requirements. Analyzes information security requirements. Applies analytical and systematic approaches to resolving problems of workflow, organization, and planning. Provides security engineering support for the planning, design, development, testing, demonstration, and integration of information systems. Analyzes threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources. Creates customized dashboards in the Security Information and Event Management (SIEM) tool Splunk ES to elevate high-threat items to incident responders. Administrative knowledge of Splunk ES and the backend database infrastructure, including upgrades and daily maintenance, is essential. Provides analysis and makes recommendations in line with the roles of CERT Incident Handlers (IH) and site Information Assurance Managers (IAM). Develops ES rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining across DLA. Will research, plan, install, configure, troubleshoot, maintain, and back up all components in the DLA Splunk Enterprise Log Management (ELM) architecture.
Seven (7) years of relevant IT experience
DOD Secret Clearance
Must be eligible for IT I
Relevant certification meeting DOD 8570.01 IAT level III
Relevant certification meeting DOD 8570.01 CND-IS
Computing Environment: Linux+, Splunk Administrator
Experience creating custom dashboards and reports in Splunk using threat data.
Experience in the integration and sustainment of Splunk Core and Splunk Enterprise Security (ES).
This job and many more are available through The Judge Group. Find us on the web at