Global Business Solutions Inc.
Splunk Administrator
Global Business Solutions Inc., Landover, Maryland, United States
Overview
GBSI is seeking an Information Technology (IT) professional for the role of Splunk Administrator in Landover, MD to maintain and enhance the existing Splunk infrastructure in the enterprise. Further projects will involve the implementation of Splunk Enterprise Security (ES) and Security Orchestration, Automation, and Response (SOAR) and other vendor solutions.
Responsibilities
Implements, tests, and operates advanced software security techniques in compliance with technical reference architecture;
Performs ongoing security testing and code review to improve software security;
Troubleshoots and debugs issues that arise;
Provides engineering designs for new software solutions to help mitigate security vulnerabilities;
Contributes to all levels of the architecture and maintains technical documentation;
Consults team members on secure coding practices and develops a familiarity with new tools and best practices;
Designs, implements, and maintains SIEM and SOAR solutions;
Designs and implements threat detection, automates incident response processes, and integrates various security tools with SIEM and SOAR platforms via APIs;
Maintains SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security-relevant devices;
Utilizes expertise in Splunk 'Search' language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Builds Splunk dashboards that take inputs from various data sources (application logs, operating system logs, middleware logs, network feeds, etc.) and identify and highlight anomalous activities on the dashboards by their severity levels;
Performs troubleshooting and provides assistance with the creation of Splunk search queries and dashboards.
Qualifications
LEVEL IV: Bachelor's degree in a related field, with eight (8) to (10) years’ experience is required; OR Master's degree in a related field with six (6) to (8) years’ experience; OR PhD with three (3) to five (5) years’ experience;
Must have a current DoD 8570.1-M IAT Level III certification (i.e., CASP CE, CISA, CISSP) at start;
Must possess an active TS/SCI clearance with SCI eligibility at start;
Experience with importing data in Splunk from various sources: endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies is required;
Experience with performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting of Splunk is required;
Experience with designing, implementing, configuring, operating, or testing IT systems or security infrastructure is required;
Experience building dashboards highlighting the key trends of the data is required;
Proficiency within a Windows and Linux environment, editing and maintaining Splunk configuration files and apps is required;
Experience in working in a Splunk clustered environment supporting SOC or NOC environment is required;
Experience with virtualization technologies is required.
About GBSI
Established in 1995, Global Business Solutions, Inc. offers customers a distinctive blend of information technology capabilities, education and training services, and information assurance solutions. Managed by a team of executive leaders experienced in the field of information technology and training services within the industry and government, GBSI prides itself on exceeding expectations. Our award-winning solutions give clients the support tools needed to successfully deliver in evolving environments with confidence.

GBSI is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard for race, religion, color, national origin, sex, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.

This Contractor and subcontractor shall abide by the requirements of 41 CFR-60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.

Pay Transparency Nondiscrimination Provision: GBSI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with GBSI’s legal duty to furnish information.

Drug Free Workplace: We maintain a drug-free workplace and perform pre-employment substance abuse testing.