- Skillsets Required:
- Splunk Enterprise Security Expertise: Advanced knowledge of Splunk, particularly in conducting health checks, updating profiles, and managing configurations.
- Cybersecurity and Risk Management: Understanding of federal cybersecurity frameworks, such as FISMA, and the ability to implement security best practices.
- Configuration Management: Experience with configuring Splunk indexers, search heads, and managing configurations through Splunk apps or Technology Add-ons (TA).
- Log Management and Data Ingestion: Expertise in troubleshooting data ingestion issues, managing Splunk forwarders, and optimizing data flow from security tools like BigFix, Malwarebytes, Tenable, and SAV.
- Security Event Monitoring: Familiarity with identifying and responding to notable security events, enhancing alerting mechanisms, and improving Splunk dashboards for security compliance.
- Federal IT Environment: Experience with federal systems, particularly in ensuring compliance with government regulations (e.g., FISMA, NIST).
- Project Management: Proven ability to lead technical teams, manage deliverables, ensure deadlines are met, and communicate effectively with government officials and stakeholders.
- Certifications:
- Splunk Certifications:
  - Splunk Core Certified User
  - Splunk Core Certified Power User
  - Splunk Enterprise Security Certified Admin (highly recommended for this engagement)
- Cybersecurity Certifications:
  - Certified Information Systems Security Professional (CISSP): Demonstrates understanding of security operations and compliance.
  - Certified Information Security Manager (CISM): Focus on managing security within an enterprise.
  - Certified Ethical Hacker (CEH): Helps in identifying vulnerabilities and securing Splunk and its associated data.
  - CompTIA Security+: A basic but highly recognized security certification in the field.
- IT Service Management: ITIL Foundation or Practitioner (optional but helpful for managing service delivery in the IT environment).
- Years of Experience:
- years of experience in IT security management, with at least years specifically focused on Splunk Enterprise Security.
- Experience in Federal IT environments or working on federal contracts, with a minimum of - years working in compliance-driven, high-security environments such as FISMA Moderate.
- Proven track record of leading similar projects that involve auditing, optimizing, and managing Splunk environments.
- Qualifications:
- Demonstrated ability to troubleshoot, manage, and optimize Splunk environments, with a focus on health checks, configuration, and security enhancements.
- Experience with federal cybersecurity regulations, especially regarding FISMA, NIST, and other federal IT security standards.
- Proven project management abilities, particularly in meeting strict government deadlines and delivering high-quality work in compliance-driven environments.
- Education:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Advanced degrees (e.g., Master's in Cybersecurity) are desirable but not required.