Cyber Splunk Engineer

Job Description

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. We are looking to hire a Cyber Splunk Engineer that can enhance our security team.

Provide expertise in scripting/programming to maintain our Cyber operation systems. This is primarily a Linux environment that the systems run on top of. We need to support the various Cyber Security tools, applications and network and endpoint hardware we support. Builds, designs, tests, and deploys perimeter, cloud security systems to support firewalls, proxy devices and other security systems.

Will administer the core Cyber Security applications that we support such as Syslog and log systems, Splunk, Radius and various other security and system tools. Splunk Enterprise and Splunk Enterprise Security being our major tool and focus of this position. Using Splunk Enterprise and Splunk Enterprise Security. Will interface with fellow Cyber and Firewall engineers to gather additional requirements and details to help support the mission of protecting our federal customers environment.

Manage vendor ticket, information gathering, and troubleshooting in the event of a platform issue. This would cover network application issues, providing root cause determination and recommend resolution options.

Supports the planning, documents, and implements hardware and software refresh and upgrade of Cyber Security Systems. Supports periodic firewall rule set review and auditing for standards and use software. Attends weekly teleconferences, onsite meetings, and participates in working groups, as related to constant changing security environment.

• Bachelor degree in a computer science/computer engineering related discipline or 10 years of work experience.
• 5 of these years is maintaining linux systems with use of programming and scripting using Perl, Bash, and Python and other advanced languages.
• 3 of these years in a Cyber Security environment in support of SIEM and/or NOC.
• 2 of these supporting IT systems at the enterprise level crossing between Cloud and On Premise environments.
• Excellent Linux user and admin skills demonstrating competency to maintain our Cyber Security systems.
• Expert in scripting/programming in a Linux environment to support the various Cyber Security tools and applications required. This would include use of Shell scripting, Perl, Python 3 or above, Ruby that demonstrates the writing of your own projects and modules.
• Good knowledge of Java script, Powershell, and/or Visual Basic.
• Demonstrate the use of regular expressions.
• Knowledge of HTML and web scripting.
• Experience with Syslog-NG and Squid proxy.
• Experience with vulnerability management and remediation.
• Good troubleshooting skills.
• Strong Linux foundation with perl, python and bash programming experience.
• Great organizational skills.
• Good to excellent technical writing ability.
• Knowledge, understanding, and ideally experience with certificate generation and ideally operation of a Certificate Authority.
• Excellent Excel skills. This is to help with reporting and to perform log analysis.
• Use of collaboration tools (Teams, Confluence, JIRA).

Citizenship: U.S.

Clearance: TS and/or DOE Q

• TCP/IP networking and advanced network concepts.
• Proficiency with TCP/IP and IPv4; IPv6 desired.
• Load Balancers.
• Firewall Experience/Knowledge supporting the configuration and maintenance of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies.
• Packet Capture and log analysis experience.
• Core IT technologies.
• Cloud Environment Knowledge and Admin Experience.
• Knowledgeable of RFCs (Requests For Comment).
• Experienced with network monitoring devices such as HP Openview, Nagios, Zenoss, Neural Star or other similar monitoring tools.
• Azure, AWS experience is helpful.
• Experience with SSL and SAML certificates.
• CISSP, CCNP Security, PCNSE, Network+, Security+, CEH, ITIL (r) Foundation certification, AWS Security, AWS Advanced Networking, Linux scripting and programming in Python and/or Pearl greatly desired.

The likely salary range for this position is $119,000 - $161,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.

GDIT typically provides new…