SIEM Administrator Support with Security Clearance
Akima Infrastructure Services · Ewa Villages, HI · 1 mo ago
Information Technology$127k–$132k/yrFull-time
Responsibilities
- Serve as the primary Splunk platform administrator, designing, implementing, administering, and maintaining Splunk Enterprise and Splunk Enterprise Security (ES) deployments including configurations, indexes, apps, knowledge objects, data inputs, and security content while ensuring optimal performance, availability, and smooth installation of updates and patches.
- Maintain overall SIEM system health and security posture by tracking performance and capacity, conducting STIG and PKI compliance activities, reviewing and validating ACAS scan results, auditing security practices to prevent incidents, and proactively identifying system shortfalls, discrepancies, and opportunities for improvement or automation.
- Develop and enhance security monitoring capabilities through the creation of dashboards, alerts, reports, correlation logic, and new data inputs; partner with system administrators and developers to expand visibility, troubleshoot issues, and build workflows for CND-related assets and ServiceNow-integrated processes.
- Maintain operational readiness and documentation by managing configuration baselines, recording all changes, evaluating daily ServiceNow tickets, ensuring continuous compliance with DoD/USINDOPACOM requirements, and supporting after-hours or weekend activities for scheduled or unscheduled outages.
Qualifications
- IAW DoD 8140.03-M, must meet the Intermediate Proficiency Level Qualifications.
- Must have at least four years of system, network administration or developer experience and two years of Splunk administration.
- Must have Splunk Enterprise Certified Admin credential.
- Must have experience administering Linux servers.
- Must have experience with SIEM Content Development.
- Demonstrated experience of strong analytical and problem-solving skills.
- An active secret clearance is required.
Desired Qualifications
- Prefers Red Hat Linux administrator certification (RHCSA/RHCE).
- Prefers experience with Splunk Enterprise Security.
- Prefers experience in a virtualized environment (VMware, etc).
- Prefers one or more relevant CND certifications: CISSP, CASP, OSCP, CySA+, CEH, or GCIH.