Splunk Engineer
The Judge Group Inc.

Location: Quantico, VA
Description: The Judge Group is currently seeking a Splunk Engineer with an active secret clearance to support a DoD organization at Quantico. For immediate consideration email your resume to rkissinger@judge.com.
- Robbie Kissinger

Responsibilities:

• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyberthreats to the client
• Provides timely and actionable sanitized intelligence to cyber incident response professionals
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques, and procedures associated with preparation for and execution of cyber-attacks
• Research hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership
• Coordinates with the Cyber Security and Operations teams to build dashboards and queries to assist with threat detection and incident response
• Participates in developing security-focused content for Splunk implementations across multiple network classifications on Department of Defense (DoD) networks
• Assists with designing log management and data ingest solutions while ensure efficiency and scalability
• Supports the development of automation and scripting directly supporting data/threat analysis
• Implements and manages Splunk add-ons to enhance capabilities to include advanced threat detection and machine learning
• Supports the A&A authorization of the Splunk environment
• Monitors system recovery processes to ensure security features and functions are properly restored and functioning correctly following outages
• Supports implementation efforts for response/actions addressing operational and communication orders from governing organizations
• Provides expert analysis of logs/alerts/records to prevent or detect anomalies or adverse events
• Supports the Government in the enforcement of suspected malicious activity
• Participates in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes
• Works on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment
• Guides and advises government customer with Splunk best practice solutions and configurations
• Supports a growing Cybersecurity team with occasional training evolutions
• Supports RMF compliance requirements by analyzing processes and recommending solutions
• Communicates well, both written and verbally

Minimum Requirements:

• Active Secret clearance: TS/SCI is highly preferred
• DoD 8570 (IAT II Level) certification
• Position requires on-site support at Quantico, VA with telework flexibility at customer's discretion
• High School with 10+ years (or commensurate experience)
• 5+ years of managing Splunk and SIEM systems
• 2+years of security engineering experience working with DoD IT systems and solutions
• 1+ years of experience with application and OS logging

Contact: rkissinger@judge.com

This job and many more are available through The Judge Group. Find us on the web at www.judge.com

---