Cybersecurity Engineer

About The Position

Requirements

• Minimum of seven (7) years of relevant IT experience, including cybersecurity engineering and security operations.
• Demonstrated experience creating custom dashboards and reports in Splunk using threat data.
• Proven experience integrating and sustaining Splunk Core and Splunk Enterprise Security (ES) in enterprise environments.
• DoD 8570/8140 CND-IS certification
• CEH – Certified Ethical Hacker
• CFR – CyberSec First Responder
• CHFI – Computer Hacking Forensic Investigator
• Cloud+
• Computing Environment: Linux+, Splunk Administrator
• DoD Approved 8570 Baseline Certification: Category IAT Level III
• CASP+ CE – CompTIA Advanced Security Practitioner (CE)
• CCNP Security – Cisco Certified Network Professional Security
• CISA – Certified Information Systems Auditor
• CISSP (or Associate) – Certified Information Systems Security Professional
• GCED – GIAC Certified Enterprise Defender
• GCIH – GIAC Certified Incident Handler
• CCSP – Certified Cloud Security Professional
• Must possess a Top Secret clearance with a favorable NACLC and be eligible for an IT-I (Tier 5/SSBI) Critical-Sensitive clearance.
• U.S. Citizen

Responsibilities

• Perform a variety of technical and analytical project tasks focused on specialized Information Assurance (IA) and cybersecurity engineering.
• Integrate electronic processes and methodologies to identify, analyze, and resolve total system or technology-related IA issues.
• Analyze information security requirements and apply systematic approaches to improve workflow, organization, and planning.
• Provide security engineering support throughout the system lifecycle—including planning, design, development, testing, demonstration, and integration of information systems.
• Analyze threat intelligence and security event data collected from logs, Intrusion Detection Systems (IDS), intelligence reports, and vendor sources to identify and mitigate risks.
• Develop customized dashboards and visualizations within Splunk Enterprise Security (ES) to highlight high-priority threats for incident response teams.
• Administer Splunk ES and related backend database infrastructure, performing upgrades, maintenance, and daily operational support.
• Create and optimize ES rules, reports, dashboards, data monitors, active channels, and use cases to enhance threat detection, response, and situational awareness across DLA environments.
• Provide expert analysis and recommendations consistent with the roles of CERT Incident Handlers (IH) and Information Assurance Managers (IAM).
• Research, plan, install, configure, troubleshoot, maintain, and back up all components within the DLA Splunk Enterprise Log Management (ELM) architecture.
• Collaborate with cybersecurity and system engineering teams to ensure effective integration, sustainment, and performance of Splunk Core and Splunk ES.

Benefits

• health
• dental
• vision
• 401K
• life insurance
• short-term and long-term disability plans
• vacation time
• holidays