IA Splunk Engineer, Senior - Ts/Sci

Your Impact:#lonewolf #dv Jacobs is looking for Senior Splunk Engineer to support its federal program in Warrenton, VA. Our mission is to operate and maintain the Distributed Continuity Integrated Network - Top Secret Enterprise Services (DCIN-TS ES). The DCIN-TS ES is a DoD provided, TS//SCI, integrated voice, video, and data, global communications network that facilitates collaboration among senior leaders and key staff.

Responsibilities: Provide overall engineering, and administration in supporting a very large distributed clustered Splunk environment with Splunk Enterprise Security Implement Splunk apps, queries, dashboards, alerts, and reports to provide actionable insights to various teams Perform log auditing and log management. Work closely with the operations team to monitor systems and environments for security incidents and general security operations Administration/operation of information security compliance tools/platforms with a special concentration in managing the Assured Compliance Assessment Solution (ACAS) and NESSUS. Perform vulnerability and malware remediation Identify potential conflicts with implementation of any cyber security tools within the enterprise Provide Tier 3 maintenance support for deployed cyber security technologies Assist with periodic and regular security assessments Assist with the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF Assist with POA&M management, mitigation statement formulation, interfacing with system administrators to resolve open findings of high and at-risk systems stis #divergent Here's what you'll need:

Active Top Secret/SCI Clearance BS or BA degree in a Computer Science or a related scientific discipline and 5 years of experience in an administrator position; 5 additional years of related experience can be used in lieu of a degree 2 years of experience in a Splunk role working in a Splunk clustered environment 2 years of knowledge and experience with ACAS and HBSS administration Experience creating custom dashboards, writing queries, building, and generating reports, and setting up alerts and notifications Demonstrated proficiency with recognizing and onboarding new data sources into Splunk and analyzing the data for anomalies and trends One of the following certifications: Splunk Core Certified Advanced Power User, Splunk Enterprise Certified Admin, Splunk Enterprise Certified Architect, or Splunk Core Certified Consultant Must meet DoD 8570.01-M IAT-II baseline certification requirements such as SEC or equivalent Experience with ForeScout Experience with NESSUS Experience with developing and presenting vulnerability information for technical and non-technical audiences Well-developed verbal and written communication skills Desired: Ability to work within VMWare, VCenter and Nutanix building Red Hat systems Managing and maintaining Red Hat Satellite/Ansible Possess understanding and experience with common cybersecurity toolsets and processes to include STIGS, IAVA Management and Implementation, and OPORD/FRAGO support Demonstrated experience in analysis simulation environment, configuring/troubleshooting software/hardware enhancements, application deployments, and infrastructure upgrades in a dynamic information system hosting environment