Mission Support and Test Services, LLC
Senior Cyber Security Analyst (Splunk)
Mission Support and Test Services, LLC, North Las Vegas, Nevada, United States, 89095
Overview:
Mission Support and Test Services, LLC (MSTS) manages and operates the Nevada National Security Site (NNSS) for the U.S. National Nuclear Security Administration (NNSA). Our MISSION is to help ensure the security of the United States and its allies by providing high-hazard experimentation and incident response capabilities through operations, engineering, education, field, and integration services and by acting as environmental stewards to the Site’s Cold War legacy. Our VISION is to be the user site of choice for large-scale, high-hazard, national security experimentation, with premier facilities and capabilities below ground, on the ground, and in the air. Our 2,750+ professional, craft, and support employees are called upon to innovate, collaborate, and deliver on some of the more difficult nuclear security challenges facing the world today. In this environment, the best ideas need to be voiced and every opinion matters. As such, MSTS places great value on Diversity, Equity, and Inclusion and is committed to a diverse and equitable workforce, with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, and perspectives.
MSTS offers our full-time employees highly competitive salaries and benefits packages including medical, dental, and vision; both a pension and a 401k; paid time off and 96 hours of paid holidays; relocation (if located more than 75 miles from work location); tuition assistance and reimbursement; and more.
MSTS is a limited liability company consisting of Honeywell International Inc. (Honeywell), Jacobs Engineering Group Inc. (Jacobs), and HII Nuclear Inc.
Responsibilities:
MSTS is seeking an experienced candidate for a Senior Splunk Engineer. The Senior Splunk Engineer will play a critical role in safeguarding company infrastructure from cyber threats and attacks by delivering innovative solutions which enhance the capabilities of the Cyber Security section to detect and identify threat activity and system intrusions. The position is responsible for a range of Splunk development and configuration activities including system deployment, Splunk app implementation, data onboarding, and other Splunk integrations.
Duties and Responsibilities:
Assist in managing the organization's Splunk environment providing fundamental knowledge of the Splunk license manager, indexers, and search heads.
Conduct a range of Splunk development and configuration activities including system deployment, Splunk app implementation, data onboarding, and other Splunk integrations.
Mature and maintain premium Splunk applications to include Enterprise Security, SOAR, & ITSI, as well as research new applications to modernize the deployment.
Develop SOAR playbooks to minimize security incident response time and develop advanced techniques to identify and mitigate vulnerabilities.
Collaboratively design and implement custom Splunk solutions which satisfy project requirements.
Use established standards, practices, and procedures as well as an increasing technical knowledge to solve problems and complete projects.
Review current Cyber Security threat information and assist the Threat Evaluation Team with mitigating vulnerabilities identified.
Collaborate with other outside Cyber Security interests such as Counterintelligence, other DOE sites, US CERT, and law enforcement.
Assist with data calls, FISMA reporting, compliance scanning and reporting, continuous monitoring, and compiling reports for auditors.
Perform other duties assigned by Management.
Qualifications:
Bachelor’s degree or equivalent training and experience in a computer-related field and at least 5 years of related experience.
Preferred Qualifications:
Splunk Enterprise Certified Architect
Splunk Enterprise Security Certified Administrator
Splunk SOAR Certified Automation Developer
Splunk IT Service Intelligence Certified Administrator
A strong IT background, including networking fundamentals and system. Able to demonstrate thorough understanding of basic principles, theories, standards, practices, protocols, and procedures used in Cyber Security as well as knowledge of Linux administration services.
Experience deploying, configuring, and managing Splunk systems.
Experience with centralized logging and filtering (Splunk, syslog).
Experience deploying and troubleshooting large clustered Splunk deployments.
Experience onboarding various data sources into Splunk using multiple input techniques.
Experience developing and maintaining health monitoring for a large Splunk deployment and data sources.
Experience managing Splunk via the command-line interface.
Experience with DevOps platforms and tools (Jira, git, Jenkins, Ansible).
A strong understanding of software development best practices and design patterns.
Modern programming skills in any language, including version control, test-driven development, and debugging.
Knowledge, experience, and scripting skills (Bash, Python, PowerShell, etc.).
Familiarity with compliance frameworks, security best practices, and product security baselines.
Experience using configuration management tools in a production environment.
Possess considerable organizational and project management skills.
Ability to develop Security Orchestration Automation and Response (SOAR) solutions including playbooks and integrate with Splunk.
Ability to maintain strict confidentiality.
Ability to communicate effectively in English, both verbally and in writing, sufficient to communicate with co-workers, customers, write clear and concise reports, gather information, and collect information.
Ability to use multiple electronic devices including standard office machines, cellular phones, and security appliances.
General understanding of cybersecurity controls used to mitigate vulnerabilities.
The primary work location will be at the Losee Road facility located in North Las Vegas, Nevada.
Work schedule will be 4/10's Monday through Thursday (subject to change).
Pre-placement physical examination, which includes a drug-screen, is required. MSTS maintains a substance abuse policy that includes random drug testing.
Must possess a valid driver's license.
MSTS is required by DOE directive to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants offered employment with MSTS are also subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment. In addition, Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship, at least 18 years of age. Reference DOE Order 472.2, “Personnel Security”. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Department of Energy Q Clearance:
(position will be cleared to this level). Reviews and tests for the absence of any illegal drug as defined in 10 CFR Part 707.4, “Workplace Substance Abuse Programs at DOE Sites,” will be conducted. Applicant selected will be subject to a Federal background investigation, required to participate in subsequent reinvestigations, and must meet the eligibility requirements for access to classified matter. Successful completion of a counterintelligence evaluation, which may include a counterintelligence-scope polygraph examination, may also be required. Reference 10 CFR Part 709, “Counterintelligence Evaluation Program.”
MSTS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. MSTS is a background screening, drug-free workplace.
Annual salary range for this position is:
$92,892.80 - $139,339.20.
Starting salary is determined based on the position market value, the individual candidate education and experience and internal equity.
#J-18808-Ljbffr
Mission Support and Test Services, LLC (MSTS) manages and operates the Nevada National Security Site (NNSS) for the U.S. National Nuclear Security Administration (NNSA). Our MISSION is to help ensure the security of the United States and its allies by providing high-hazard experimentation and incident response capabilities through operations, engineering, education, field, and integration services and by acting as environmental stewards to the Site’s Cold War legacy. Our VISION is to be the user site of choice for large-scale, high-hazard, national security experimentation, with premier facilities and capabilities below ground, on the ground, and in the air. Our 2,750+ professional, craft, and support employees are called upon to innovate, collaborate, and deliver on some of the more difficult nuclear security challenges facing the world today. In this environment, the best ideas need to be voiced and every opinion matters. As such, MSTS places great value on Diversity, Equity, and Inclusion and is committed to a diverse and equitable workforce, with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, and perspectives.
MSTS offers our full-time employees highly competitive salaries and benefits packages including medical, dental, and vision; both a pension and a 401k; paid time off and 96 hours of paid holidays; relocation (if located more than 75 miles from work location); tuition assistance and reimbursement; and more.
MSTS is a limited liability company consisting of Honeywell International Inc. (Honeywell), Jacobs Engineering Group Inc. (Jacobs), and HII Nuclear Inc.
Responsibilities:
MSTS is seeking an experienced candidate for a Senior Splunk Engineer. The Senior Splunk Engineer will play a critical role in safeguarding company infrastructure from cyber threats and attacks by delivering innovative solutions which enhance the capabilities of the Cyber Security section to detect and identify threat activity and system intrusions. The position is responsible for a range of Splunk development and configuration activities including system deployment, Splunk app implementation, data onboarding, and other Splunk integrations.
Duties and Responsibilities:
Assist in managing the organization's Splunk environment providing fundamental knowledge of the Splunk license manager, indexers, and search heads.
Conduct a range of Splunk development and configuration activities including system deployment, Splunk app implementation, data onboarding, and other Splunk integrations.
Mature and maintain premium Splunk applications to include Enterprise Security, SOAR, & ITSI, as well as research new applications to modernize the deployment.
Develop SOAR playbooks to minimize security incident response time and develop advanced techniques to identify and mitigate vulnerabilities.
Collaboratively design and implement custom Splunk solutions which satisfy project requirements.
Use established standards, practices, and procedures as well as an increasing technical knowledge to solve problems and complete projects.
Review current Cyber Security threat information and assist the Threat Evaluation Team with mitigating vulnerabilities identified.
Collaborate with other outside Cyber Security interests such as Counterintelligence, other DOE sites, US CERT, and law enforcement.
Assist with data calls, FISMA reporting, compliance scanning and reporting, continuous monitoring, and compiling reports for auditors.
Perform other duties assigned by Management.
Qualifications:
Bachelor’s degree or equivalent training and experience in a computer-related field and at least 5 years of related experience.
Preferred Qualifications:
Splunk Enterprise Certified Architect
Splunk Enterprise Security Certified Administrator
Splunk SOAR Certified Automation Developer
Splunk IT Service Intelligence Certified Administrator
A strong IT background, including networking fundamentals and system. Able to demonstrate thorough understanding of basic principles, theories, standards, practices, protocols, and procedures used in Cyber Security as well as knowledge of Linux administration services.
Experience deploying, configuring, and managing Splunk systems.
Experience with centralized logging and filtering (Splunk, syslog).
Experience deploying and troubleshooting large clustered Splunk deployments.
Experience onboarding various data sources into Splunk using multiple input techniques.
Experience developing and maintaining health monitoring for a large Splunk deployment and data sources.
Experience managing Splunk via the command-line interface.
Experience with DevOps platforms and tools (Jira, git, Jenkins, Ansible).
A strong understanding of software development best practices and design patterns.
Modern programming skills in any language, including version control, test-driven development, and debugging.
Knowledge, experience, and scripting skills (Bash, Python, PowerShell, etc.).
Familiarity with compliance frameworks, security best practices, and product security baselines.
Experience using configuration management tools in a production environment.
Possess considerable organizational and project management skills.
Ability to develop Security Orchestration Automation and Response (SOAR) solutions including playbooks and integrate with Splunk.
Ability to maintain strict confidentiality.
Ability to communicate effectively in English, both verbally and in writing, sufficient to communicate with co-workers, customers, write clear and concise reports, gather information, and collect information.
Ability to use multiple electronic devices including standard office machines, cellular phones, and security appliances.
General understanding of cybersecurity controls used to mitigate vulnerabilities.
The primary work location will be at the Losee Road facility located in North Las Vegas, Nevada.
Work schedule will be 4/10's Monday through Thursday (subject to change).
Pre-placement physical examination, which includes a drug-screen, is required. MSTS maintains a substance abuse policy that includes random drug testing.
Must possess a valid driver's license.
MSTS is required by DOE directive to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants offered employment with MSTS are also subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment. In addition, Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship, at least 18 years of age. Reference DOE Order 472.2, “Personnel Security”. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Department of Energy Q Clearance:
(position will be cleared to this level). Reviews and tests for the absence of any illegal drug as defined in 10 CFR Part 707.4, “Workplace Substance Abuse Programs at DOE Sites,” will be conducted. Applicant selected will be subject to a Federal background investigation, required to participate in subsequent reinvestigations, and must meet the eligibility requirements for access to classified matter. Successful completion of a counterintelligence evaluation, which may include a counterintelligence-scope polygraph examination, may also be required. Reference 10 CFR Part 709, “Counterintelligence Evaluation Program.”
MSTS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. MSTS is a background screening, drug-free workplace.
Annual salary range for this position is:
$92,892.80 - $139,339.20.
Starting salary is determined based on the position market value, the individual candidate education and experience and internal equity.
#J-18808-Ljbffr