Description - Ensure the Splunk infrastructure functions properly with PKI-based authentication, corporate authorization services, firewalls, and SSL/TLS communications.
- Contribute to development and ongoing improvement of industry best practices and standards for maintaining data analytics enterprise technologies.
- Assist with installing, testing, and deploying hotfixes/patches for Splunk app/product releases to manage enterprise vulnerabilities.
- Assist with development of knowledge articles, documentation, and work instructions used by the Splunk, server, desktop and Information System Security teams, and Tier 2/3 Help Desk technicians.
*Requires after hours on-call
RequirementsTS/SCI with poly required
- High School/GED and 25 years of experience
- A Bachelor of Science may be substituted for 5 years of experience
- Experience managing user authentication within Splunk including RBAC/ABAC
- Strong organizational, communication, and collaboration skills
One of the Following Certifications Required:
- CCNA Security
- CySA+
- GICSP
- GSEC
- Security+
- CND
- SSCP
- CASP
- CCNP Security
- CISA
- CISSP
- GCED
- GCIH
- CCSP
Desired:
- Experience reviewing network, host, and firewall security logs
- Experience with Splunk Machine Learning Toolkit (MLTK)
- Experience with scripting languages such as CSS, HTML, JavaScript, and Python
- Knowledge of RMF, Trellix ePO, NESSUS, SCAP, and vulnerability scanning
- ServiceNow Ticketing System
- Shell scripting to automate tasks and manipulate data
BenefitsHealth & Life Insurance Dental Insurance Disability Insurance 401K Retirement Plan with Matching Tuition Assistance Vacation and Sick Leave Hiring Bonuses Referral Recruitment Program