Senior Cybersecurity Specialist

About The Position

Requirements

• Proficiency in developing, optimizing, and managing Security Information and Event Management (SIEM) solutions using Splunk to effectively detect, track, and audit system logging data for network security.
• Experience with Tenable Nessus and DISA STIG/SCAP tools for generating tailored threat reports, identifying network vulnerabilities, and supporting remediation efforts.
• Strong ability to oversee and support an analyst team in timely detection, identification, and alerting of potential attacks or intrusions, while distinguishing legitimate events from malicious activity.
• Knowledge of deploying and maintaining the Elastic Stack (ELK) suite of tools for 24/7 threat detection, monitoring, and incident response.
• Proficiency in conducting forensic investigations (host and network) and integrating the MITRE ATT&CK framework with threat intelligence to assess risks, recommend protocol updates, and produce security documentation (e.g., TTPs, playbooks).
• Bachelors degree and five (5) years' experience; Four (4) years' experience can be considered in lieu of degree.
• Must possess an active TS/SCI; US Citizenship required.

Responsibilities

• Develop and optimize Splunk Security Information and Event Management (SIEM) data collection solutions to detect, track, and audit various system logging data for timely response to adverse actions on the network
• Employ Tenable Nessus and DISA STIG/SCAP tools to generate tailored threat reports for senior management and information system engineers to facilitate effective remediation of identified vulnerabilities
• Oversee analyst team, providing timely detection, identification, and alerting of possible attacks/intrusions and distinguishing the incidents and events from benign activities
• Deploy and maintain Elastic Stack (ELK) suite of tools to provide 24/7 threat detection and incident response
• Perform forensic investigations on host and network systems, determining scope, urgence, and impact of suspected events and makes recommendations that enable timely remediation
• Integrate MITRE ATT&CK framework with Threat Intelligence data to identify and assess risks and threats, and recommend updates to enterprise security protocols
• Develop, maintain, and implement Tactic, Techniques & Procedure (TTP) documents, incident response playbooks, and risk mitigation documentation
• Provide mentorship and training to junior security analysts and provide security awareness training to various cross-functional organizations