Sr Splunk Specialist

Job DescriptionECS is seeking a Sr Splunk Specialist (Cyber Security Engineer SME III) to work in Alexandria, VA or Seaside, CA where you will be supporting DMDC. This is a team lead position responsible for overseeing and working directly with a team of Splunk Engineers and Analysts to analyze, triage, and support data transformation initiatives. This role is at the forefront of enhancing our client's security data environment to provide optimal up time of the platform.We are currently seeking a skilled Splunk Specialist who possesses a keen interest in expanding their expertise to encompass Splunk technologies. This role offers an exciting opportunity for individuals eager to delve into the dynamic realm of Splunk Operations and Development while leveraging existing proficiency in technologies across Systems and Cyber.Serve as the Lead Splunk Engineer and Analyst.Lead and manage the continued deployment, expansion, and day-to-day maintenance and administration of Security Information & Event Management (SIEM) operations.Maintain operational proficiency of Splunk servers, forwarders, indexers and search heads.Conduct Assessments and support system components according to DISA STIGs, Security Requirements Guides (SRG), and applicable DoD orders and directivesBuild use cases and dashboards depending on requirements.Work closely with the Incident Response team on handling incident and problem management for the SIEM infrastructure.Facilitate the integration of new data sources into the SIEM.Develop detailed security design documentation for component and interface specifications to support system design and development.Track, measure and evaluate logging security posture across the enterprise.Mentor analysts and engineers on Splunk technologies and components.Candidate may also provide general technical cybersecurity support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. Additional general duties include implementation and support for protecting the confidentiality, integrity and availability of sensitive information; providing input into the design of IS contingency plans; and conducting testing and audit log reviews to evaluate the effectiveness of current security measures.Salary Range: $160,000 - $180,000General Description Of BenefitsRequired SkillsMust be a US citizen, possess a DoD Secret clearance. Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI)Active DoD 8570 IAT Level 2 or Level 3 certification for compliance, including at least one of the following certifications in good standing: CompTIA CISA+, CompTIA Security, ISC2 CISSP, ISC2 CCSP, or ISC2 SSCPComputing Environment CertificationBachelor’s degree and 10+ years of Information Technology or Cybersecurity related experienceSubject matter expertise in Splunk and Splunk Enterprise Security, with proven experience designing, configuring, deploying, monitoring, and optimizing log management in a distributed, complex enterpriseExperience delivering Tier-3 cybersecurity support, including resolving critical issues, mentoring junior personnel, and performing post mortem analysis to identify, document, and implement lessons learned within a continuing quality improvement frameworkComprehensive awareness of IT operations business requirements, with the ability to deliver cyberhardening and cybersecurity requirements while not degrading system availability, functionality, or performanceAbility to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholdersCapacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutionsExcellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and riskKnowledge of DoD cybersecurity policies, practices, and requirementsStrong organizational skillsDesired SkillsSplunk CertifiedCISSP, CASP, CEH certificationsSystems architecture, engineering, and networking experience, with computing environment certifications Experience in threat, vulnerability, and risk management and mitigationCybersecurity incident response experienceProven experience supporting all aspects of diverse endpoint systemsKnowledge of and experience administering, optimizing, and securing cloud environmentsExpert knowledge of and experience configuring, optimizing, troubleshooting, securing, scanning, and penetration testing endpoint systems, including Windows workstations, Windows servers, and Linux serversExperience applying troubleshooting techniques across various server, application, and network technologies#ECS1ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.