Halvik

Cyber Specialist - Splunk

Halvik, Washington, District of Columbia, US, 20022


Halvik is a highly successful company that puts people first, and we are looking for someone just like you. We are committed to delivering smarter IT-driven solutions bolstered by quality and innovation to help our customers succeed. Come be a part of something truly special!

What You Will Do:

Assist in maturing an Insider Risk Program's operational support, including the development of playbooks and workflows for monitoring against potential insider risks, developing detection use cases, and conducting incident analysis.

Implement federal government and industry standards and best practices regarding insider risk programs, including development and maintenance of OCISO programmatic gap analyses and implementation roadmaps.

Assist in the creation of Gap Analysis on current tool usage for the Insider Risk program and make recommendations based on industry best practices and client organization.

Develop and maintain a convergence model for insider risk mitigation that reduces risk to client's personnel and assets.

Develop and improve insider risk modeling that leverages Splunk User Behavior and Entity Analytics (UBEA), Data Loss Prevention (DLP), Splunk Enterprise Security (ES), Microsoft Purview, Machine Learning, and automated solutions in place.

Develop and expand situational playbooks that leverage client's automated capabilities.

Leverage excellent interpersonal skills to coordinate with client's business and technology leaders to develop and maintain programmatic solutions to insider risk.

Lead and assist in the investigation of all incidents involving insider risk.

Technical Splunk experience is required. Proficiency with tools such as Splunk (UBA, ES and SOAR).

Provide subject matter expertise across insider risk tool suite.

What You Need:

Bachelor's Degree in Computer Science, Cyber Security, or STEM-related specialty.

US Citizen or GC EAD required for Public Trust Clearance.

2+ years of investigations work experience involving insider risk investigations, security incident response, technical investigations, intellectual property investigations, and/or financial fraud investigations.

3-5+ years of experience in Splunk UEBA and/or Splunk Enterprise Security.

7+ years of experience in Cyber Security domain.

Experience thriving in a heavily regulated environment.

Experience in Splunk content development and Splunk Search Processing Language (SPL).

Knowledge of Machine Learning (ML) and how it applies to Insider Risk programs.

Halvik offers a competitive full benefits package including:

Company-supported medical, dental, vision, life, STD, and LTD insurance

Benefits include 11 federal holidays and PTO.

401(k) with company matching

Flexible Spending Accounts for commuter, medical, and dependent care expenses

Tuition Assistance

Charitable Contribution matching

Halvik Corp is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Halvik's pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.