Xcelerate Solutions
Cybersecurity Engineer Splunk - Secret
Xcelerate Solutions, Quantico, Virginia, United States, 22134
Xcelerate Solutions is seeking a Cybersecurity Engineer – Splunk who can correlate threat data from various sources to establish the identity and modus operandi of hackers active in the client’s networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. Come join our award-winning organization and work with some of the most talented and brightest minds in the GovCon industry.

Location: Quantico, VA (telework flexibility at customer discretion)

Security Clearance: Secret

Responsibilities:
Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyberthreats to the client.
Provides timely and actionable sanitized intelligence to cyber incident response professionals.
Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
Conducts intelligence analysis to assess intrusion signatures, tactics, techniques, and procedures associated with preparation for and execution of cyber-attacks.
Researches hackers, hacker techniques, vulnerabilities, and exploits, and provides detailed briefings and intelligence reports to leadership.
Coordinates with the Cyber Security and Operations teams to build dashboards and queries to assist with threat detection and incident response.
Participates in developing security-focused content for Splunk implementations across multiple network classifications on Department of Defense (DoD) networks.
Assists with designing log management and data ingest solutions while ensuring efficiency and scalability.
Supports the development of automation and scripting directly supporting data/threat analysis.
Implements and manages Splunk add-ons to enhance capabilities to include advanced threat detection and machine learning.
Supports the A&A authorization of the Splunk environment.
Monitors system recovery processes to ensure security features and functions are properly restored and functioning correctly following outages.
Supports implementation efforts for response/actions addressing operational and communication orders from governing organizations.
Provides expert analysis of logs/alerts/records to prevent or detect anomalies or adverse events.
Supports the Government in the enforcement of suspected malicious activity.
Participates in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes.
Works on project teams responsible for engineering and packaging releases to integrate within the customer’s production IT environment.
Guides and advises government customer with Splunk best practice solutions and configurations.
Supports a growing Cybersecurity team with occasional training evolutions.
Supports RMF compliance requirements by analyzing processes and recommending solutions.
Communicates well, both in writing and verbally.
Other duties as assigned; associated with and/or in support of your primary role or program mission.

Minimum Qualifications:
Active Secret clearance: TS/SCI is highly preferred.
Position requires on-site support at Quantico, VA with telework flexibility at customer’s discretion.
High School with 10+ years (or commensurate experience).
5+ years of managing Splunk and SIEM systems.
2+ years of security engineering experience working with DoD IT systems and solutions.
1+ years of experience with application and OS logging.
Experienced with Splunk Enterprise operations to include:
  Configuration and system tuning.
  Alert and report creation.
  Deployment scaling.
  User Based Analytics implementation and review.

Preferred Qualifications:
Active Splunk certification highly preferred (Architect/Developer level).
Familiar with Splunk Enterprise operations to include:
  Overall enterprise deployment and implementation.
  Endpoint troubleshooting.
  Splunk account management.
  Deployment scaling.
  DoD STIG dashboard creation.
  ATO of Splunk systems in DoD packages.

About Xcelerate Solutions:
Founded in 2009 and headquartered in McLean, VA, Xcelerate Solutions (www.xceleratesolutions.com) is one of America's fastest-growing companies. Xcelerate’s culture is defined by our diversified workforce of dynamic and versatile professionals, supported with growth and development opportunities that contribute to individual and company growth. This strong commitment to our employees has been recognized by our inclusion on the Washington Business Journal’s “50 Best Places to Work” list as well as being a “Great Place to Work” certified company with a 4.6 star, and a 99% CEO approval Glassdoor rating. Come find out why Xcelerate Solutions is one of the DC Metro top employers!

Xcelerate Solutions is an Equal Employment Opportunity/Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, age, equal pay, disability, veteran status, sex, sexual orientation, gender identity, genetic information, or expression of another protected characteristic. As part of this commitment to the full inclusion of all qualified individuals, Xcelerate provides reasonable accommodations if needed because of an applicant's or an employee's disability.

Pay Transparency Notice:
Xcelerate Solutions will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.