Splunk Administrator

Falconwood, Inc.
$150,000 - $200,000

About The Position

Responsible for providing support to the PMW 220 Information System Security Officer or Manager (ISSO/ISSM) for Risk Management Framework (RMF) implementation and continuous monitoring. Provides assistance with and guidance on the deployment, use, and administration of cybersecurity operations tools (e.g., Security Information and Event Management (SIEM) tools such as Splunk), as required within the PMW 220 portfolio and in commercial and private cloud hosting environments, to ensure that the controls within the security controls baseline are in place and functioning as intended to protect Navy data. The candidate will work with the PMW 220 Audit Readiness Section as necessary to coordinate the identification and remediation of cybersecurity control weaknesses with financial audit impacts.

Requirements

  • 3 to 5 years of experience in a cybersecurity operations environment.
  • 3 to 5 years of experience as a Linux Systems Administrator.
  • 3 to 5 years of experience as a Splunk Administrator in a large enterprise environment.
  • 3 to 5 years of experience deploying and maintaining 2-Tier and 3-Tier applications.
  • Familiarity with SIEM tools, vulnerability scanning tools, monitoring tools, and automated security assessment tools.
  • Certification in Linux (e.g., CompTIA's Linux+) or formal training completion certificate in Linux.
  • Certification to meet IAT Level 1 CSWF requirements (e.g., ISC2's CISSP).
  • SECRET security clearance with favorably adjudicated T5 background investigation.

Nice To Haves

  • Knowledge of TCP/IP (IPv4, IPv6) and related protocols (HTTP, FTP, SSH, NFS, etc.).
  • Experience writing scripts (bash, shell, perl, python, etc.).
  • Experience writing regular expressions.
  • Hands-on IT experience including server build, LDAP, and understanding of Encryption Algorithms and PKI authentication implementation.
  • Extensive hands-on experience installing/configuring and administering the Splunk Enterprise Security App.

Responsibilities

  • Provide support to PMW 220 ISSO/ISSM for RMF implementation and continuous monitoring.
  • Assist with deployment, use, and administration of Cybersecurity operations tools.
  • Ensure security controls are in place and functioning to protect Navy data.
  • Coordinate with PMW 220 Audit Readiness Section for cybersecurity control weaknesses.
  • Assess system compliance with DISA Application Security STIG(s).
  • Document mitigating factors for non-compliant STIG configurations.
  • Develop Plan of Actions and Milestones (POA&M) for remediation and/or mitigation of vulnerabilities.
  • Implement Splunk Enterprise Security in a large enterprise environment.
  • Deploy Splunk Universal Forwarders to collect events and forward to Splunk Indexers.
  • Write Splunk scripts for event filtering.
  • Perform Splunk Enterprise Data Administration.
  • Install, upgrade, and patch applications.
  • Troubleshoot issues with applications in a complex network environment.
  • Maintain documentation of processes, procedures, and configurations.
  • Communicate effectively in writing and verbally.
  • Develop implementation schedules, project plans, and system assessment plans.
  • Track POA&M items and provide status updates.