Description
The Vanguard 2.2.1 contract currently has an opening for a Splunk Implementation and Operations Engineer to support the Department of State (DoS) Bureau of Information Resource Management (IRM) PKI program. This program provides transparent security services in support of the Department's goals to secure communications among Department staff and systems. The position falls under the SI Division support service line of the contract.
This is a mid-level Splunk implementation and engineering position within the DoS ICAM office. The preferred candidate will be responsible for deploying Splunk in support of a security and operation dashboard for a large enclave dedicated to hosting highly sensitive systems.
The position may allow temporary hybrid remote work due to Covid-19. Position may be called back onsite at any time at the customer's request. 3 days onsite or as required by customer.
Qualifications
Required Education & Experience
Bachelor's degree plus five (5) years of related IT, information security, and/or systems engineering experience, or a Master's degree and 3 years of experience; additional experience may be accepted in lieu of a degree
Minimum 3 years demonstrated experience with engineering, deploying, maintaining, and utilizing Splunk.
Significant familiarity with IT infrastructures, including a variety of networks, servers, and databases.
Solid understanding of logging technologies (syslog, Windows and UNIX native logging)
Extensive knowledge of a tier Splunk installation; indexers, forwarders, search heads, clusters
Familiar with Splunk architecture and best practices
Driving and managing the technology evaluation and integration of add-ons for Splunk.
Standardize Splunk forwarder deployment, configuration, and maintenance across a variety of platforms
Experience creating new data feeds for ingestion.
Experience using DBX and DBConnect
Demonstrated expert-level knowledge of Linux systems, ability to create new accounts, assign permissions, install/start/stop services as needed, and maintain configuration using git/deployment/server.
Demonstrated knowledge of Regular Expression, Splunk SPL, Syslog, Python, DNS, DHCP, and file storage technologies
Experience with eval commands, advanced lookup topics, advanced alert actions, using regex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, and accelerating reports and data models.
Knowledge of UF and HF installation and configuration of Indexers
Must have strong communication skills and a solid understanding of IT Security concepts to include vulnerability & patch management, security operations, Incident Management, and Incident response. The candidate must be able to work with other team members and groups, work with competing priorities, and possess strong customer focus.
Required Clearance
US Citizenship
Ability to obtain a Top Secret security clearance
Ability to obtain an Interim Top Secret security clearance prior to starting work.
Desired
Background in systems engineering, requirements analysis and synthesis.
Operational security & incident response experience with tools such as IDS, Antivirus, Vulnerability Scanners, SIEM.
Relevant security certifications (CISSP, CISSP-ISSEP, CISSP-ISSAP, GSEC, etc.), certification and accreditation experience, familiarity with NIST and federal standards such as OMB & FISMA.
Excellent MS-Windows Server administration & maintenance
Familiarity with PKIs and related technologies (LDAP directories, HSMs, OCSP) and security practices
Excellent oral and written communication skills
Excellent analytical and troubleshooting skills.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
REQNUMBER: 2403406
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability