Splunk Architect

Caci International Inc. Chantilly, VA 22022

Posted 2 months ago

Req #: 218702

Location: Chantilly, VA US

Job Category: Information Technology

Security Clearance: Secret

Clearance Status: Must be Obtainable

Job Description

The CDM Program is managed within the DHS National Protection and Programs Directorate (NPPD)/Office of Cybersecurity and Communications (CS&C)/Network Security Deployment (NSD) Division, responsible for enhancing the security, resilience, and reliability of the Nation's cyber and communications infrastructure. The DHS CDM Program mission is to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.

The CDM Solution uses Splunk as its SIEM. This role is to be the recognized subject matter expert for configuring and administering the Splunk instance(s) that underpin the overall solution, including configuring the associated data feeds. This role also provides feedback for continuous improvement based on architectural enhancements. Since Splunk is the integration point of the CDM Solution, this position will work very closely with the other elements of the solution (i.e. the tools and sensors, the orchestration engine and the dashboards) to ensure overall functionality.

What You'll Get to Do:

  • Architect, design, set up and configure Splunk search servers, deployment servers, clustered indexers, and forwarders, as required

  • Design, configure and establish incoming index feeds from many disparate cyber security tools across the DHS Enterprise, including Operating System and Application level logging.

  • Design, configure and build a complex operations dashboard to monitor the CDM Solution Environment, including data integrity and quality checks

  • Design, configure and build output feeds for RSA Archer to consume based on the CDM Data Model.

  • Create the procedures and supervise the migration from the current distributed environment into the new consolidated environment.

  • Demonstrate innovative influence for projects

  • Problems faced are difficult and often complex

  • Communicates with parties within and outside of own job function

More About the Role:

  • Prepare status reports at least weekly and monthly and complete other reporting requirements as required

  • Provide QA for team members' work

  • Responsible for developing, coordinating and maintaining the relevant portions of the Service Operations Handbook and holding team members accountable for following published SOPs.

  • Track and report on team's performance via formal performance metrics

  • Responsible for providing guidance, coaching and training to other employees within technical discipline

You'll Bring These Qualifications:

  • US Citizenship required

  • Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance. Active DoD clearance preferred

  • BA/BS or equivalent years of experience and 10+ Years of relevant experience

  • Certification: Splunk Certified Architect

  • Demonstrated experience designing and implementing Enterprise level Clustered Splunk environments consuming data from lots of different sources.

  • Demonstrated experience designing and building complex dashboards based on Splunk to include complex logic, workflows and data transformation.

  • Demonstrated experience building and maintaining a complex data model to normalize incoming data sources.

  • Demonstrated knowledge of ITIL processes and experience leading a Cyber Operations Team using those processes

These Qualifications Would be Nice to Have:

  • Working knowledge of cyber security tools such as the McAfee and Symantec suites, Tenable Nessus, ForeScout, RSA Archer

  • Agile developmental experience

  • Relevant DHS or .Gov Cyber Security focused experience

  • Clear and proven communicator and technical leader. Must be able to work well in an environment where they are facilitating a large group of government and other contractor personnel to achieve a common goal.

  • Detail oriented: must be able to recognize critical elements of successful operations and then hold themselves and their teams accountable for meeting those critical elements.

  • Flexibility: the environment is very dynamic. The Engineering Manager will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness.

  • Team player: this role is part of a much larger team. The Engineering Manager will be expected to grow and develop their subordinate team members' morale and wellbeing as well as support the overall Operations Team and Team CACI's mission.

What We Can Offer You:

  • We've been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

CDMHP

Job Location

US-Chantilly-VA-VIRGINIA SUBURBAN

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

