Splunk Cyber Security Engineer
Job Description:
Candidates shall also have specialized experience in one of the following areas:
a) Monitoring and Detection Analyst: Candidates shall have a minimum of three (3) years of professional experience in cybersecurity, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, TwoFactor Authentication, Webfiltering, and Advanced Threat Protection.
b) Incident Response Analyst: Candidates shall have a minimum of three (3) years of professional experience responding to information system security incidents and an ability to use the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to authorized personnel who carry legal or investigative authorities.
c) Cyber Intelligence Analyst: Candidates shall have at least three (3) years of professional experience in incident detection and response and/or cyber intelligence analysis, and a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
Primary Responsibilities
Serves as a Tier 2 cyber security analyst supporting one or more of the following areas:
- incident response
- monitoring and detection
- cyber intelligence analysis
Basic Qualifications
Ability to obtain public trust clearance.
Minimum five (5) years of professional experience in incident detection and response, malware analysis, or cyber forensics, and a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
In addition, minimum of three (3) years of specialized experience in one or more of the following areas:
- Monitoring and detection
- Incident Response
- Cybersecurity analysis
At least one of the following certifications
SANS: GCIH, GCIA
SEI: CSIH
Preferred Qualifications
Experience with Cyber Kill Chain.
Education & Experience: BS degree and 4 - 8 years of prior relevant experience in order to operate within the scope contemplated by the level.
Potential for Telework:
No
Clearance Level Required:
Public Trust
Travel:
No
Scheduled Weekly Hours:
40
Shift:
Day
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, experience configuring and implementing various technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices. Must possess expert knowledge in two or more of the following areas: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Webfiltering, Advanced Threat Protection.