Peraton is currently seeking a Splunk SME to become part of Peraton's Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes.
Location: Beltsville, MD. On-site.
This current opening will support a Monday-Friday, 8:00am to 4:00pm shift.
The DSCM program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support to aid and advise the DoS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices, all while identifying and responding to cyber risks and threats.
In this role, you will:
- Work in a team environment with analysts and engineers to protect a global IT infrastructure against the most advanced threat actors!
- Develop content for cyber defense tools.
- Manage SIEM rulesets, dashboards, and reports from within Splunk Enterprise Security to defend against state actors and other APTs.
- Develop signatures for Suricata, Zeek/Bro, Snort, and potentially leading vendor cloud environments (Microsoft Azure, Google GCP, Amazon AWS).
- Provide new detection capabilities based on emerging threats, threat intelligence, and Red Team input.
- Assist in administering an active threat database, ensuring threat intelligence is ingested and consumed by our SIEM.
- Provide Developer support in a 24x7x365 environment.
- Determine tactics, techniques, and procedures for intrusion sets.
- Provide reporting on detection development metrics.