SIEM Engineer - TS/SCI

GuidePoint Security is seeking an experienced SIEM Engineer, preferably with experience leveraging SPLUNK capabilities to meet standing, ad hoc, and future client needs. The successful candidate will be responsible for the deployment and implementation of the SPLUNK platform and SPLUNK-based services to meet the data handling and analytic needs of supported Information Technology, Security, and Intelligence Teams. This position requires the chosen candidate to have an active Top Secret security clearance with SCI eligibility.
Role and Responsibilities:
Provides engineering analysis, design and support for firewalls, routers, networks and operating systems. Performs vulnerability scans using vendor utility tools. Monitors security audit and intrusion detection system logs for system and network anomalies.
Monitors user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwords.
Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.
Performs product evaluations, recommends and implements products/services for network security. Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
Provides enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training.
Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information.
Assume full functional ownership of the SPLUNK platform, maintaining all aspects of the platform and associated apps at peak effectiveness.
Develop SPLUNK dashboards and associated charts, graphs, and drilldowns to enable managers, administrators, users and analysts to maximize the utility of the SPLUNK platform and applications.
Research, develop and foster adoption and/or expansion of additional use cases to meet mission functions of those teams.
Advise and execute SPLUNK maintenance, patching and upgrades.
Train Administrators, Knowledge Managers, Developers and Users to maximize the utility of SPLUNK solutions within their mission areas.
Maintain up-to-the-minute functional and technical expertise of the SPLUNK platform and SPLUNK Applications through a robust relationship with the vendor and global user group.
Work with supported teams to ensure accuracy and currency of SOPs with regard to procedures which are dependent upon or leverage the SPLUNK platform.
Position Requirements:
Bachelor's degree or equivalent combination of education and experience
Bachelor's degree in computer science or related field preferred
Four or more years of experience in network, host, data and/or application security in multiple operating system environments
Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
Experience working with internet, web, application and network security techniques
Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
Experience working with federal regulations related to information security (FISMA, Computer Security Act, etc.)
Experience working with NIST Special Publications and C & A process methodology
Possess security certifications (CISSP, CCNA, etc.) and/or top secret security clearance
Preferred:
Good communication skills
Good analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
Ability to perform and interpret vulnerability assessments
Ability to administer the operations of a security infrastructure
Ability to balance and prioritize work
Bachelor's degree in Computer Science or related field and 7+ years experience, or equivalent combination of education and experience.
At least four years of direct experience creating security solutions with SPLUNK
Demonstrable expertise working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
Demonstrable expertise with Network Intrusion Detection/Prevention systems and host-based Intrusion Detection/Prevention systems.
Extensive experience developing SPLUNK dashboards to concisely and accurately display actionable security data/alerts.
Demonstrated experience in Security Information and Event Management (SIEM) operations, troubleshooting, and tuning.
Prefer CISSP, Certified Ethical Hacker (CEH)
Ability to operate under pressure and in developing, dynamic, or incomplete information environments
Ability to conceptualize and contextualize the SIEM needs of security practitioners from a wide range of teams, and provide solutions to meet those needs.
Effective briefing, collaboration, and communication skills.
Why GuidePoint?
GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 1,000 clients.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company's success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks?
MacBook Air or Pro
Healthy mobile phone and home internet allowance
100% employer-paid medical and dental with generous employer family contributions
Eligibility for retirement plan after 6 months at open enrollment
Equal Opportunity Employer
GuidePoint Security, LLC is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
