|Date Posted||April 10, 2019|
We are hiring Information Systems Security Technician – SPLUNK Administrator for US ARMY project based in Radford, VA
Company Name: - JTSi (Johnson Technology Systems, Inc.)
Company Profile: - www.jtsusa.com
Position: Information Systems Security Technician – SPLUNK Administrator
Location: Radford, VA
Clearance: Active Interim Secret or higher in JPAS
Experience: A total of at least 4 years of experience in CyberSecurity (aka, Information Assurance) and SEIM administration using SPLUNK
- DoD 8570.1M IAM level 2 is required (i.e., CISSP).
As part of the CyberSecurity Branch - Internal Controls Team, Resource shall provide information systems security engineering assistance consisting of the following tasks:
- Resource will deploy, install, manage, and operate SPLUNK Enterprise Security at US ARMY.
- Resource will deploy, install, manage, and operate file integrity monitoring systems for US ARMY.
- Resource will deploy, install, manage, and operate Intrusion Detection/Prevention Systems for US ARMY.
- Resource will customize and create rules and signatures for IDS/IPS to meet emerging vulnerabilities and provide enhanced detection capabilities.
- Resource will perform daily vulnerability check using multiple intelligence gathering sources and provide written summaries of threat and vulnerability information.
- Resource will assist in the preparation of network infrastructure specifications or designs incorporating required information security features.
- Resource will provide SPLUNK Enterprise Security Platform design support US ARMY and hosted customers.
- Resource will coordinate with US ARMY team to ensure all devices and components report all logs to the SPLUNK Enterprise Security Platform and perform troubleshooting and maintenance of assets.
- Resource will update and/or assist the hosted system's personnel in updating artifacts of the Risk Management Framework (RMF); i.e., system diagram (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
- DoD 8570.01M IAM level II certification is required. Resource must possess Baseline certification as defined in DoD Instruction 8570.01M
- A total of at least 4 years of experience in CyberSecurity (aka, Information Assurance) and Splunk administration performing the above specified tasks
- Strong PCRE (regular expression) skills
- Experience utilizing best practices for getting data into Splunk and the Common Information Model
- Experience with working in a large enterprise environment
- Knowledge of enterprise logging, including application, OS, and security technology logging
We recruit, employ, train, compensate and promote without regard to race, religion, color, citizenship, national origin, age, sex, gender, gender identity/expression, sexual orientation, marital status, disability, genetic information, veteran status or any other characteristic protected by federal, state, or local law.
Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site http://jtsusa.com/careers or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at http://jtsusa.com/careers