The position will be responsible for assisting in the development and maintenance of agents and endpoint clients necessary to support the security mission in the CXD Federal environment. This role will also provide support through technical build-out and monitoring of a security perimeter, analysis of the information flowing into that platform, and response to incidents detected or anticipated.
location: Sterling, Virginia
job type: Contract
salary: $52 - 57 per hour
work hours: 8am to 5pm
- Deploy Splunk Enterprise Security SIEM in the CXD Federal environment.
- Enforce log collection standards and policies in the CXD Federal environment.
- Assist in the deployment and maintenance of agents and endpoint clients necessary to support the security mission in the CXD Federal environment.
- Establish, tune and refine non-blocking SIEM, IDS, and vulnerability scan rules and reports in the CXD Federal environment.
- Establish, tune, and refine traffic- and code-blocking IPS and endpoint policies in the CXD Federal environment, and respond to incidents caused by false positive detections.
- Provide incident response and analysis in the CXD Federal environment.
- Maintain infrastructure and application services for Elastic, Tenable.sc (formerly Security Center), Carbon Black, and Twistlock using modern orchestration and automation methods.
- Create and maintain Salt scripts for infrastructure and service administration.
- Must be able to work in the US without sponsorship, and be located in the Washington DC metro area.
- Able to commute to Sterling, VA five days per week.
- 2+ years' cybersecurity experience in an enterprise environment.
- Eligible and willing to receive a TS clearance, or already holding a clearance.
- Splunk implementation experience in a security-focused capacity.
- Salt orchestration and automation experience required.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.