Cyber Analyst III

About The Position

Requirements

• 3 years of Splunk Admin roles
• 10 years of Cyber Experience
• Ability to establish and participate in Implementation Teams and provide IT security considerations and planning to program management and engineering
• Knowledge and practical experience of computer security components ( i.e. topology, switches, routers, firewalls)
• Understanding of current information security threat analysis, identification, mitigation and investigation techniques
• Must be eligible for a DOD Personnel Security Clearance and any special access requirements
• Must be detail oriented
• work with minimal supervision
• Strong analytical and problem solving capabilities
• Prior experience with IT Audit procedures and documentation
• Extensive experience with hardware/software platforms to include Windows and Linux

Nice To Haves

• Bachelor’s degree in related disciplines preferred
• At least one DoD 8570 Certification
• Military career specialty in Information Assurance and/or Security is desired
• Other professional certifications highly desirable

Responsibilities

• Experience in design, implementation, upgrades, and support of Splunk (Indexers, Forwarders, Search-Heads, Multi-Site Architecture, etc)
• Identifying or writing Splunk Apps/Dashboards to aid in Security and Operational issues
• Experience with Linux and Windows required for Splunk administration
• Understanding with virtualization technologies (VMware)
• Assists in maintaining IT Security policies, procedures, and documentation
• Performs comparisons between existing standards and practices and work instructions, correcting practice documents when needed
• Responsible for recurring tasks on systems as assigned: Conduct scheduled inspections of systems/facilities that process classified information; Maintain and audit all logs and records associated with operation procedures; Audit security logs, reports, daily system audits, security logs and authentication features to assure security-relevant actions are properly implemented and executed; Create security reporting as required by ongoing business needs and audit requirements; Identify new security platforms/tools to improve overall infrastructure security; Review current and upcoming security requirements/threats and create the necessary actions to mitigate any risks to the organization
• Evaluate enterprise business system proposed changes, updates, or patches and advise IT Management, Change Management Board, and ISM of relevance
• Provide security best practice guidance and expertise to project manager(s) and BSA to define requirements for applications, installations, and program architecture for information systems
• Provide assistance to IT team members, BPO, and Security staff to insure compliance with applicable IT Security policies, DoD/Service specific regulations and contractual security requirements
• Perform as a member of the IT Incident Response Team for threats and security risks to the organization. This includes interfacing with the underlying teams/individuals to formulate and apply remediation action
• Build and maintain cloud components specific to security, identity, and governance in multiple cloud providers
• Develop and document cloud security best practices and security guidelines for cloud technologies
• Must comply with all company security and data protection / usage policies and procedures
• Personally responsible for proper marking and handling of all information and materials, in any form
• Shall not divulge any information, or afford access, to other employees not having a need-to-know
• Shall not divulge information outside company without management approval
• All government and proprietary information will be accessed and stored electronically on company provided resources