Information security engineer
Location
Park County, MT | United States
Job description
TeAM Inc is seeking to fill the position at McClellan Park, CA. We strive to provide the next generation of cutting-edge technologies. Our growth means exciting career opportunities for talented professionals in engineering, software development, and other key areas.
- Position: Splunk/Information Security Engineer
- Location: McClellan Park, CA
- Position Type: Full-Time.
- Travel: N/A
- Clearance: TS/SCI
Specific Job Responsibilities:
- Strong Splunk background in designing, installing, configuring, managing and monitoring large distributed/clustered Splunk Enterprise on-site and cloud-based implementations; create customized dashboards to comply with security controls.
- Maintain existing and, when required, create new SOPs in support of this objective. SOPs shall be in compliance with DoD 8530.01M and the current CND evaluator's scoring matrix (currently ESM v9).
- Continuously monitor (ConMon) information systems
- Ensure all security incidents are identified and handled within established CND SLAs and follow the DMEA Incident Handling Plan and CSSP Incident Handling Plan procedures.
- Manage internal and perimeter firewalls and IDS/IPS.
- Review and monitor firewall rules for networks at DMEA, identify issues and deficiencies, make corrections and advise management of possible incidents.
- Monitor and maintain policies on DMEA Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), including Wireless IDS.
- Provide packet capture analysis as needed using various tools such as the Wireshark network protocol analyzer.
- Provide response and support for customer requests for temporary firewall rules and firewall, IDS, and IPS-related issues.
- Support, monitor, configure, and manage remote client VPN solutions.
- Track and maintain lists of open ports via the DoD Ports, Protocols, and Services Management registry.
- Support, maintain and patch all associated cyber security systems, including but not limited to Linux- and Windows-based operating systems managed by DMEA.
- Review and configure system security posture IAW DISA STIG requirements and industry security best practices for system hardening.
- Review and monitor gateway e-mail security systems for networks at DMEA, identify issues and deficiencies, make corrections and advise management and federal leads of possible incidents, inappropriate use, and malicious domains.
- Monitor threat intelligence feeds for the latest email-borne threats.
- Identify email-based threats and malicious emails, and be able to write custom signatures to identify/alert/block email threats.
- Update Antivirus software supporting email security systems.
- Provide response and support for customer requests to release valid e-mails and other e-mail security issues.
- Provide system administration, and review and monitor host-based security system servers and host systems for networks at DMEA; identify issues and deficiencies, make corrections and advise management and federal leads of possible incidents and malicious activity.
- Provide response and support for host-based security system software and virus incidents, address customer issues, and take corrective action to clean viruses and malicious software from affected systems.
- Provide host-based security system support to system administrators during troubleshooting efforts.
- Ensure compliance with DoD requirements as they pertain to the host-based security system.
- Review and monitor web content servers and systems, identify issues and deficiencies, collect and review information on malicious sites and update block lists, make corrections and advise management and federal leads of possible incidents, malicious activity, and inappropriate use.
- Provide response and support to address customer issues related to blocked web sites.
- Coordinate with DMEA and CSSP firewall personnel to set up IP blocks for malicious activity that warrants further action.
- Support and monitor IDS, IPS, and associated monitoring software.
- Configure and maintain a DMEA provided SIEM tool.
- Monitor a DMEA provided SIEM tool for potential incidents.
- Report potential incidents to a DMEA Information System Security Manager or a DMEA Information System Security Officer.
- Configure and maintain a DMEA-provided comply-to-connect tool.
- Configure and maintain DMEA provided continuous endpoint monitoring tools.
- Track and monitor IA Workforce Improvement Program (IAWIP) compliance.
- Maintain existing and, when required, create new SOPs in support of this objective.
Position Qualifications:
Education:
- Master of Arts or Master of Science
Experience:
- Minimum of 10 years of experience
Certifications:
Must have one of the following Information Assurance Technical Level II (IAT II) certifications:
- Cisco Certified Network Administrator (CCNA) Security
- CompTIA Cybersecurity Analyst (CySA+)
- Global Industrial Cyber Security Professional (GICSP)
- Global Information Assurance Certification (GIAC) Security Essentials (GSEC)
- CompTIA Security+
- Certified Network Defender (CND)
- Systems Security Certified Practitioner (SSCP)
Must possess the following computing environment certification(s):
- Certified Information Systems Security Professional (CISSP) (or Associate)
- Splunk Administrator
If you are interested in this position, please send me a copy of your latest resume at
with the information requested below. Also, please let me know what time/number is best to call to discuss this great opportunity. In case you are not interested in this position, or this is not a right fit for you, please feel free to share this opportunity with your friends/networks or anyone you know who may be interested in this position. Thank you!
- Availability to start a new job
- Best Rates
- Contact #
Please don't hesitate to contact me with any question(s) you may have. All employment is decided on the basis of qualifications, merit, and business need.
Regards,
Mehreen Rather
Recruitment Professional
Adapt : Innovate : Create
Veteran Owned Small Business (VOSB)
ISO 9001:2015 : ISO 20000-1:2018
ISO/IEC 27001:2013 : CMMI DEV 3
NIST 800-171 Compliant
TeAM Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by law.
- Dice Id: 10322569
- Position Id: 8212345