Job Description
ASRC Federal Broadleaf Division is hiring for a Cybersecurity Engineer (SIEM) to support the DCSA in Hanover, MD. These positions have been approved for a hybrid work schedule (1 day per week on-site).
JOB DESCRIPTION :
- This is a technical, hands-on role responsible for the successful operation of a variety of cybersecurity tools, logging frameworks, and cybersecurity infrastructure
- Support written technical deliverables for customers and build new capabilities
- Contributions to infrastructure, data pipeline, analytics dashboards, and other resources will be delivered to threat analysts for consumption
- Enhance the Joint Staff’s ability to secure systems and networks through implementation of the Elastic product family’s SIEM tool
- Facilitate data ingestion of logs including Extract, Transform, and Load (ETL) functions to develop dashboards, visualization, and alerting
- Create Standard Operating Procedures (SOPs) and perform index administration, maintenance and optimization
- Develop daily and weekly PowerPoint presentations to brief management and the team
- Ability to analyze security vulnerability reports and develop / implement a plan to
- Recognizes and seizes opportunities to improve products, services or approaches
- Design, document, build, secure, and maintain Elastic Stack solutions deployed in the Cloud or on-premises
- Engagement with avenues of influence (Splunk product managers, user groups) to align platform capabilities with business requirements
Requirements
BASIC QUALIFICATIONS
EXPERIENCE :
- At least five (5) years of experience in information technology or security engineering and three (3) years of direct Elastic administration experience
- Experience with developing automated capabilities for securing environments.
- Experience with STIG compliance and vulnerability management
- Knowledge of JFQ DoDIN DoD RMF IA Controls (IACs) and implementation.
- Requires an extensive knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies
- Ability to mitigate critical vulnerabilities.
ADDITIONAL DESIRED SKILLS
- Swimlane Integration
- DevSecOps experience
- Cloud certifications and experience (AWS, Azure)
EDUCATION
Bachelor's degree in Information Security or related field and / or equivalent combination of experience.
CERTIFICATION(S)
- DoD 8140 / 8570 IAT Level II / III certifications required
- One or more certifications :
  - GIAC Certified Detection Analyst (GCDA)
  - CompTIA Cybersecurity Analyst (CySA+)
  - Elastic Certified Engineer
  - Elastic Certified Analyst
  - Elastic Certified Observability Engineer
  - Certified SOC Analyst (EC-CSA)
CLEARANCE LEVEL :
- Minimum Secret
- Ability to obtain and maintain Top Secret / SCI clearance