Splunk Administrator

Job not on LinkedIn

August 26

Apply Now

Receive Emails with Similar Jobs

Falconwood, Incorporated

WebsiteLinkedInAll Job Openings

Cybersecurity • IT Service Management • B2B

Falconwood, Incorporated is a veteran-owned, woman-owned business management and technology consulting firm headquartered in Arlington, Virginia. Founded in 2002, Falconwood specializes in providing impartial advice and support to DoD agencies on a range of Information Technology services. Their offerings include systems engineering, cloud solutions, cybersecurity, data science, and various IT management services, all designed to improve mission performance and enhance service quality.

201 - 500 employees

Founded 2002

🔒 Cybersecurity

🤝 B2B

📋 Description

• Responsible for providing support to PMW 220 Information System Security Officer or Manager (ISSO/ISSM) for Risk Management Framework (RMF) implementation and continuous monitoring. • Provides assistance with and guidance on the deployment, use and administration of Cybersecurity operations tools, e.g. Security Information and Event Management (SIEM) tools such as Splunkas required within the PMW 220 portfolio and commercial and private cloud hosting environments to ensure that the controls within the security controls baseline are inplace and functioning as intended to protect Navy data. • The candidate will work with the PMW 220 Audit Readiness Section as necessary to coordinate the identification and remediation of cybersecurity control weaknesses with financial audit impacts.

🎯 Requirements

• The ideal candidate will have 3 to 5 years of experience working in a cybersecurity operations environment maintaining the security of enterprise level systems. • The ideal candidate will have 3 to 5 years of experience working as a Linux Systems Administrator. • The candidate must have 3 to 5 years of experience working as a Splunk Administrator in a large enterprise environment. • The candidate must have 3 to 5 years of experience deploying and maintaining 2-Tier and 3-Tier applications. • The candidate must have familiarity with SIEM tools, vulnerability scanning tools, monitoring tools and automated security assessment tools. • The candidate must have either a certification in Linux (ie CompTIA's Linux+) or on-line/formal training completion certificate in Linux to meet CSWF requirements (ie: a vendor course for preparation in obtaining a CompTIA Linux+ certification). • The candidate must be certified to meet IAT Level 1 CSWF requirements (ie: Isc2's CISSP). • SECRET security clearance with favorably adjudicated T5 background investigation. • Assess system compliance with DISA Application Security STIG(s). • Justify reasons STIG configurations cannot be implemented. • Document mitigating factors for non-compliant STIG configurations. • Develop Plan of Actions and Milestones (POA&M) related to remediation and/or mitigation of vulnerabilities. • Implement Splunk Enterprise Security in a large enterprise environment. • Deploy Splunk Universal Forwarders to collect Linux, Windows, Database, AWS, and other application events and forward to Splunk Indexers. • Deploy Splunk APPS. • Write Splunk scripts for events filtering. • Perform Splunk Enterprise Data Administration. • Install, upgrade and patch Applications. • Work with operating system administrators in support of application agent custom installation requirements and troubleshooting. • Troubleshoot issues with applications in a complex network environment (ie: Cloud). • Understand TCP/IP (IPv4, IPv6) along with related protocols (HTTP, FTP, SSH, NFS,etc...). • Maintain documentation of processes, procedures and configurations related to maintaining applications. • Communicate effectively in writing and verbally. • Work effectively independently and as part of a group. • Develop concise, realistic and executable implementation schedules, project plans and system assessment plans. • Track POA&M items and provide status updates. • Write scripts (bash, shell, perl, python, etc...). • Write regular expressions. • The ideal candidate will have Operating System (OS) Administration experience (3 to 5 years). • The ideal candidate will have hands-on IT experience to include server build, ldap, and an understanding of Encryption Algorithms and PKI authentication implementation. • The ideal candidate will have extensive hands-on experience Installing/Configuring and Administering the Splunk Enterprise Security App.

🏖️ Benefits

• 401k, Tuition Reimbursement, Health/Dental/Vision Insurance, PTO, Federal Holidays, Performance Increases, Reserve Duty Compensation and more!