Cyber Security Operations Engineer - Splunk Moorestown, NJ We are looking for a Cyber Security Operations Enablement Engineer (Contractor) to help support critical functions of our Cyber Security Operations Center (CSOC). This role is expected to develop and maintain an expert level understanding of all facets of daily operations including processing & technology, while developing & on-boarding new SIEM content & tuning detection technologies. RESPONSIBILITIES: Conduct continual analysis of the complete CSOC security toolset, gaining an expert level understanding of all features along with how they maybe most effectively utilized. Perform tuning & optimization of security tools & SIEM rules, partnering with other stakeholders within CCS and Comcast technologies groups as required. Build working relationships with product owners to enable early awareness of new features pipelines. Evaluate all new features for inclusion into CSOC operations. Identify opportunities for automation and run associated development efforts. Validate completed use cases for SIEM rules and test that rules have been properly implemented. Recommend new use cases for SIEM rule creation and log intake Develop and troubleshoot automated playbooks for orchestration tools. Create and edit technical documentation and runbooks. Participate in Cyber Security investigations & incident response activities. Conduct proactive monitoring as needed in response to company & global events. Other duties and responsibilities as assigned. Requirements EXPERIENCE REQUIRED: • At least 5 + years of related experience • Proven hands-on experience building & managing Splunk uses cases & content driven from customer requirements. • Solid technical understanding of common log formats & source designs, along with subject matter specific expertise in Splunk & Splunk Enterprise Security. • Experienced configuring, tuning, and evaluating efficacy of key security tools including but not limited to firewalls, VPN, proxies, endpoint protection, DLP, CASb, SIEM, anti-malware, forensics. • Familiarity with scripting languages such as Bash, Python, and/or PowerShell. • Experience with major automation technologies such as ansible, Puppet, and/or Chef. • Demonstrated experience with Microsoft Windows and Unix Operating Systems including command-line tasks and scripting. • Expertise in conducting security assessments & configuration of major public & private cloud services. Understanding of the MITRE ATT framework along with experience applying it across various security processes. • Advanced knowledge of computer network concepts and protocols along with experience conducting network traffic & packet-level analysis. • Advanced knowledge of computer networking concepts and protocols along with experience conducting network traffic & packet-level analysis. • - Knowledge of advanced cyber threats and attacker methods including corresponding tactics/techniques/procedures (TTPs) • Understanding of common types of attacks & vulnerabilities including CVSS, OWASP Top 10, CWE. • -Demonstrated ability to understand & assess security risk. • Knowledge of incident response and handling methodologies • Superior technical writing, presentation, and organizational skills • Work will be primarily remote with occasional on-site work in Moorestown, NJ. BenefitsLeading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional and work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package, 401K, tuition reimbursement and opportunities for professional growth and advancement.