JobNob

Your Career. Our Passion.

Splunk Engineer


Jacobs


Location

Columbia, MD | United States


Job description

Your Impact:

This is an opportunity to work hand-in-hand with the customer on an exciting and dynamic program. The team provides a full suite of cutting-edge, industry-leading solutions and hands-on support with designing, implementing, managing, and sustaining operations on a multitude of different network environments. We provide an environment that fosters and supports innovation and outside-the-box thinking to solve complex problems. There are several training opportunities for team members who want to learn new technologies and stay current with their technical skillset. We are a highly technical group and nurture growth, with a technical culture of cross-trained teammates and opportunities to develop additional skillsets.

Responsibilities:

The Splunk Engineer works with the customer to determine log management and SIEM needs and to evaluate existing systems for improvements, gaps, and next-generation architecture and design. The Engineer designs and deploys new systems and upgrades existing systems as needed to meet customer needs and protect systems from emerging threats. The Splunk Engineer will identify gaps in malicious activity detection capabilities, create new signatures/rules to improve detection of malicious activity, and test and tune existing signatures/rules to ensure a low rate of false positives. The Splunk Engineer will assist in playbook development for alert triage and Incident Response, and define and implement alert and threat detection metrics, statistics, and analytics. The Engineer will recommend new tools/technologies to improve network visibility, support Incident Response and Forensic operations as required, including static/dynamic malware analysis and reverse engineering, and author and maintain scripts for threat detection and automation.
The Splunk Engineer will have direct hands-on experience with tools such as Logstash, Podman, Docker, Splunk, Corelight, Security Onion, Windows Operating System, and Red Hat Enterprise License.
This position is a true “hands-on-keyboard” role in which you will be required, both independently and as part of a broader team, to install, configure, and maintain Splunk and other SOC-related applications.

#divergent #dvscyber

Here’s What You’ll Need:

–    4+ years of experience working as an information security engineer or within a SOC
–    Required IAT Certs: one or more of the following: CASP+, CISA, CISSP, GCIH, CEH, GIAC, GCIA, CCNP-Security
–    Required Vendor Cert: Splunk, Microsoft, Cisco, Linux, or any other related vendor certification
