JSP Cyber Security Splunk Admin

Clearance Level: Top Secret/SCI
Category: Cyber Security
Location: Alexandria, Virginia

REQ#: RQ43248

Today’s cyber targets never stop moving – that’s why we never stand still. From protecting our nation’s critical infrastructure to securing the tactical edge, cybersecurity is embedded in everything we do. Amongst our numerous cyber programs, our JSP DCO program is at the forefront of GDIT’s cyber capabilities, protecting one of our nation’s most important networks. JSP is undergoing a transformation as they transition to forward-leaning areas of cybersecurity. Be part of that transformation and join our mission!

The Joint Service Provider (JSP) Defense Cyber Operations Internal Defense Measures (DCO IDM) program is searching for a Splunk Admin to work at the Mark Center in Alexandria, VA.

NOTE: This is a full-time, onsite position. Due to the type of access this role entails, telecommuting is not allowed. Some travel to the Pentagon may be required.
 

As a Cyber Security Splunk Admin, you will implement and conduct engineering activities in accordance with the organization's relevant approved processes, technical operations and strategic vision. The position is responsible for the technical management, monitoring, maintenance, and troubleshooting of enterprise-wide monitoring systems, applications and related infrastructure, ensuring that any issues that may adversely impact the confidentiality, integrity or availability of computing resources are identified, properly alerted and promptly resolved. This mid-level engineer position will understand and interpret customer requirements for Splunk implementation for an enterprise solution.

Duties Include:

  • Designing, engineering, configuring and administering Splunk content
  • Assisting in the proper operation and performance of Splunk, plug-ins, loggers and connectors
  • Building Splunk reports
  • Developing dashboards with visual metrics for stakeholders
  • Defining strategy and design around data collection, aggregations, and summarization processes
  • Integrating external data sources into Splunk
  • Enforcing best practices related to summarizing and querying data
  • Developing advanced scripts for the manipulation of multiple data repositories to support analyst requirements
  • Partnering with other enterprise teams to support data capture and advanced data analytics and forecasting efforts to support proactive identification of issues
  • Providing recommendations and implementing changes to optimize Splunk products in the customer environment
  • Designing the Splunk system solution to meet growth while maintaining a balance between performance, stability, scalability and agility
  • Experience with SIEM content management

               

Required Qualifications:

  • Active Top Secret/SCI clearance
  • IAT Level II Baseline Certification (e.g., Security+ CE)
  • Linux OS Certification (e.g., Red Hat)
  • BS degree in Computer Science, Engineering or other closely related discipline
  • 10 years of knowledge and hands-on experience in cyber security with an emphasis on engineering design, system analytics, operations and maintenance of a variety of security technologies used for security defense areas such as: network, storage/back, platforms (Windows/Linux servers and desktops)
  • 5 years of experience with Splunk, network security, system security, and supporting security information and event management (SIEM)
  • Demonstrated experience in the implementation of information engineering projects; systems analysis, design and programming using standard tools and methods

Desired Qualifications:

  • Experience developing enterprise strategic implementation of Splunk DoD deployments highly preferred
  • Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, Ruby, PowerShell, Perl, etc.
  • Experience with performing hunt activities in an incident response role
  • Experience with security tools, including Firewall, IDS, Active Directory, Nmap, Burp, Proxy, or Bro

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.