Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Job DescriptionCYBER ENGINEER (Splunk Analyst)- A SECRET CLEARANCE IS A MUST HAVE TO START
The Navy Standard Integrated Personnel System (NSIPS) is seeking a Cyber Engineer/Splunk Analyst to join their team. NSIPS is the Navy's single, field-entry, electronic pay and personnel system for all USN/USNR Sailors.
As the Cyber Analyst you will:
Designs develop, test, and evaluate information system security throughout the systems development life cycle
Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
Evaluate firewall change requests and assess organizational risk
Communicates alerts to teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance
Prepares incident reports of analysis methodology and results
Implement approved Splunk SaaS architecture and design
Support and maintain high availability for SaaS Splunk deployments
Maintain Splunk architectural diagrams and documentation
Ensure compliance with regulations and privacy laws
Perform DoD system certification and accreditation activities as prescribed by IA leadership
Develop and document IA processes and procedures for the environment as necessary
Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
DISA Security Technical Implementation Guidelines (STIG) for an operational DoD environment, including scheduling, validation, remediation, and reporting
Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented
Basic Qualifications:
BS degree; 3 additional years of experience may be considered in lieu of a degree
1-2+ years of experience with log sources, including various network, host, and application logs
1-3+ years of experience in utilizing SIEM for log analysis, monitoring, and investigation
1-2+ years of experience identifying attacker tactics, techniques, and procedures
1-2+ years of experience using threat intelligence to find suspicious activities proactively and iteratively in available security telemetry
1-2+ years of experience working in a Security Operations Center (SOC) environment
1-3+ years of hands-on experience writing and optimizing detection queries using various query languages, particularly in SPL for Splunk
Demonstrated understanding of modern attack patterns and threat landscape
Demonstrated excellent analytical and problem-solving skills with the ability to identify and mitigate security risks
1-2+ years of experience in intrusion detection, security investigations, and incident response
1-3+ years of experience and working knowledge of Splunk Enterprise Security platform
1-2+ years of experience in Detection Engineering or Digital Forensics with broad knowledge of security domain
1-2+ years of experience of KQL for Microsoft Defender EDR
Demonstrated expertise in EDR, email security, and securing SaaS applications
DOD 8570 IA Level II Certification required (i.e. Security+ CE); CISSP, CISA, and CISM certifications preferred.
SECRET CLEARANCE REQUIRED TO START
Telecommuting Options:
Remote
GDIT IS YOUR PLACE:
● Full-flex work week to own your priorities at work and at home
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays