General Dynamics Information Technology
Splunk Engineer
General Dynamics Information Technology, Bossier City, Louisiana, United States, 71111
Own your career as a Splunk Engineer at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow.

At GDIT, people are our differentiator. As a Splunk Engineer, you will help ensure today is safe and tomorrow is smarter. Our work depends on a Splunk Engineer joining our team to provide technical expertise in support of Cyber innovation.

HOW A SPLUNK ENGINEER ADVISOR WILL MAKE AN IMPACT:
- Support ongoing OMB M-21-31 efforts
- Maturing Splunk Data Lake under CIM Compliance Model
- Prioritizing data sources
- Identifying parsing and tagging issues
- Working with our Splunk Core administrator team to fix the parsing and tagging issues
- Updating CIM data models
- Working with our Threat Intelligence team to add signatures and detections in Splunk Enterprise Security's Threat Intelligence Framework
- Working with our Incident Response team
- Creating and tuning detections for attacks and vulnerabilities in Splunk Enterprise Security
- Fixing issues with the data in Splunk, such as missing fields or missing data types
- Assist our IR team with search queries
- Creating scripts to automate tasks
- Using Splunk SOAR to create and improve existing automation use cases/playbooks
- Configuring and maintaining the Splunk Enterprise Security Asset and Identity Framework
- Identifying sources for asset data
- Identifying sources for asset location and ownership information
- Optimizing and Tuning Splunk UBA
- Assisting Splunk users with creating queries, reports and dashboards

WHAT YOU’LL NEED TO SUCCEED:
- BA/BS and 8+ years of relevant experience or equivalent years of experience
- 2+ years of Splunk Administration experience
- Active Splunk Enterprise Security Admin and Splunk Advanced Power User certifications
- Security+/GSEC/CASP/CISSP/Cloud or equivalent 8570 Cyber Security Certification
- Ability to manage long-term projects
- Proactively identify and correct problems
- Writing documentation and SOPs
- Working with vendor support to resolve issues
- Ability to work with other teams at the EPA, such as firewall, networking and vulnerability management teams
- Must possess or be able to obtain and maintain Public Trust
- US Citizenship required

NICE TO HAVES:
- Previous experience at the EPA
- Basic knowledge about incident response, threat intelligence and vulnerability management
- Familiar with SCCM
- Familiar with Microsoft Defender
- Familiar with asset management, Xacta, FISMA systems, ADC process
- Ability to write scripts in PowerShell and Python
- Existing EPA privileged account