Bristol Bay Native Corp.
Cyber Data Engineer
Bristol Bay Native Corp., San Antonio, Texas, United States, 78208
Lackland Air Force Base, San Antonio, TX, USA ● San Antonio, TX, USA
Req #6829Friday, October 4, 2024STS Systems Support, LLC (SSS) is seeking a Cyber Data Engineer.Requirements:Must be a U.S. Citizen with an Active TS/SCI.More than 3 years of relevant work experience. BA/BS or MA/MS.Proficient with Splunk Processing Language (SPL), ELK Lucene Query Syntax, or other search/analytics tool.Proficient with programming/scripting fundamentals – including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell.Experience in responding to security problems in target-rich environments, looking at security alerts, frontline analysis, and response.Understanding of SIEM 'Search' Language & Lucene Query Syntax. Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes.Knowledge of customizing Dashboards via the XML source.Experience with SIEM Apps and ELK.Experience with Python Scripting. Programming experience in Python, C/C++, Java, or Go.Demonstrated expertise with malware analysis, including investigations of botnet and rootkit behavior.Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography). Network Security Devices (IDS/IPS, NGFW, WAF, NGAV). OSSEC, Snort, Suricata experience.Experience with at least one SIEM (e.g., Alienvault, Logrhythm, Splunk, Qradar, ELK) and Firewalls (e.g., Fortinet, Sonicwall, Palo Alto).Experience with scanning technologies, log collection, and analysis tools (SIEM).Experience with scripting/programming languages (BASH, Python, Java, etc.).Extensive knowledge of MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects).Duties:Write and develop scripts to automate the system installation of required patches and configurations to remediate identified system vulnerabilities.Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls.Develop basic new cybersecurity capabilities.Develop and maintain existing Splunk, ELK, or other search/analytics tool’s knowledge objects (saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements.Develop, debug, and maintain scripting languages.Create, install, and test vulnerability fixes to Windows and Unix/Linux platforms.Assist/lead in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture.Perform systems security engineering and test efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components.Develop vulnerability reports and investigation impact, resolution, and verification of security vulnerabilities and patches; as well as performing deep dive and impact analysis into failed patch deployments.Develop and provide regular reports on patch management program and overall status of patch compliance.Perform and provide vulnerability assessment results and recommendations to the ESM Lead and DO as necessary.Assess known systems vulnerabilities and verify system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists with no more than a 5% error rate.Document, implement, and prioritize patching requirements across the AFIN/AFNet enterprise.Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.Create, document, and report metrics for analysis to improve weapon system processes and mission execution.Support operational leadership's tasking as it relates to Systems Security Engineer functions and responsibilities.SSS offers a competitive benefits package to include: paid holidays, paid time off including sick and vacation leave, medical, dental and vision insurance, flexible spending accounts, short and long term disability, company paid life insurance, 401(k) with a company match and discretionary profit sharing and tuition reimbursement.
#J-18808-Ljbffr
Req #6829Friday, October 4, 2024STS Systems Support, LLC (SSS) is seeking a Cyber Data Engineer.Requirements:Must be a U.S. Citizen with an Active TS/SCI.More than 3 years of relevant work experience. BA/BS or MA/MS.Proficient with Splunk Processing Language (SPL), ELK Lucene Query Syntax, or other search/analytics tool.Proficient with programming/scripting fundamentals – including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell.Experience in responding to security problems in target-rich environments, looking at security alerts, frontline analysis, and response.Understanding of SIEM 'Search' Language & Lucene Query Syntax. Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes.Knowledge of customizing Dashboards via the XML source.Experience with SIEM Apps and ELK.Experience with Python Scripting. Programming experience in Python, C/C++, Java, or Go.Demonstrated expertise with malware analysis, including investigations of botnet and rootkit behavior.Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography). Network Security Devices (IDS/IPS, NGFW, WAF, NGAV). OSSEC, Snort, Suricata experience.Experience with at least one SIEM (e.g., Alienvault, Logrhythm, Splunk, Qradar, ELK) and Firewalls (e.g., Fortinet, Sonicwall, Palo Alto).Experience with scanning technologies, log collection, and analysis tools (SIEM).Experience with scripting/programming languages (BASH, Python, Java, etc.).Extensive knowledge of MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects).Duties:Write and develop scripts to automate the system installation of required patches and configurations to remediate identified system vulnerabilities.Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls.Develop basic new cybersecurity capabilities.Develop and maintain existing Splunk, ELK, or other search/analytics tool’s knowledge objects (saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements.Develop, debug, and maintain scripting languages.Create, install, and test vulnerability fixes to Windows and Unix/Linux platforms.Assist/lead in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture.Perform systems security engineering and test efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components.Develop vulnerability reports and investigation impact, resolution, and verification of security vulnerabilities and patches; as well as performing deep dive and impact analysis into failed patch deployments.Develop and provide regular reports on patch management program and overall status of patch compliance.Perform and provide vulnerability assessment results and recommendations to the ESM Lead and DO as necessary.Assess known systems vulnerabilities and verify system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists with no more than a 5% error rate.Document, implement, and prioritize patching requirements across the AFIN/AFNet enterprise.Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.Create, document, and report metrics for analysis to improve weapon system processes and mission execution.Support operational leadership's tasking as it relates to Systems Security Engineer functions and responsibilities.SSS offers a competitive benefits package to include: paid holidays, paid time off including sick and vacation leave, medical, dental and vision insurance, flexible spending accounts, short and long term disability, company paid life insurance, 401(k) with a company match and discretionary profit sharing and tuition reimbursement.
#J-18808-Ljbffr