Jobs · Information Technology · Florida

Cyber Systems Administrator 2 with Security Clearance

ASD · Tampa, FL · 1 wk ago
Information TechnologyFull-time

Essential Duties

  • Utilize your experience with a Security Information and Event Management (SIEM) tool. Splunk is preferred, but experience with an equivalent SIEM would be acceptable.
    • Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources.
      • Develop and implement Splunk queries to generate actionable insights for proactive threat detection and response.
    • Design Splunk Dashboards and Reports:
      • Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors.
    • Provide real-time visibility into security events, trends, and key performance indicators.
    • Configure and Maintain Splunk Infrastructure:
      • Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines.
    • Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
    • Utilize Splunk Enterprise Security:
      • Develop and implement security use cases, correlation searches, and notable events for threat detection and analysis.
    • Monitor security-related alerts and incidents to identify and prioritize security threats.
    • Utilize Trellix/Endpoint Security Solutions (ESS), formerly Host Based Security System (HBSS) to detect and counter known threats.
  • Collaborate with Cross-Functional Teams:
    • Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems.
  • Provide technical expertise in advising security on best practices and designing effective security controls.
  • Investigate Security Incidents:
    • Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities.
  • Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
  • Documentation and Reporting:
    • Document Splunk configuration, operational procedures, and security findings.
  • Prepare comprehensive reports detailing security events, trends, and mitigation strategies.
  • Communicate technical information effectively to non-technical stakeholders.
  • Stay current with Industry Trends:
    • Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices.
  • Continuously enhance your knowledge of Splunk features and capabilities through self-study, professional training, and certifications.

Basic Qualifications for Cybersecurity Analyst

  • Bachelor’s degree with 2 years of experience
  • U.S. Citizenship required
  • A current/active DoD TS/SCI clearance
  • Must possess DoD 8570 Certification for IAT Level II or higher prior to start date.
  • Experience with a Security Information and Event Management (SIEM) tool.
  • Ability to collaborate with other teams to investigate security incidents and provide insights for improving security posture.
  • Working knowledge of network security controls such as routers, switches, firewalls and network access controls.
  • Working Knowledge of Linux and Windows Operating Systems.
  • Knowledge of vulnerabilities, threat detection, encryption, and security audits.
  • Must be willing to work a Panama schedule that includes working 12-hour shifts.

Similar jobs