Splunk Onboarding Lead (Government)



AT&T Public Sector
View Company Profile

<< Go back

Post Date: Jun 10, 2022
Location: Virginia - Chantilly
Security Clearance: Top Secret - SCI,Top Secret w/ CI Poly
Job Type: Permanent
Start Date: - n/a -
Salary: - n/a -
Job Reference: 2229903
APPLY NOW
    Email Job to a Friend     Save Job to Inbox     Printer Friendly

Description

AT&T Global Public Sector is a trusted provider of secure, IP-enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing, and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values, and dedicated to our customers’ mission.



Our Cyber Security Team supports the customer by investigating, analyzing, and mitigating cybersecurity incidents that attempt to breach the Customer’s network infrastructure, applications, and operating systems.



AT&T has an opening for a Splunk Onboarding Lead to support the Grimlock contract.



The job duties of the Splunk Onboarding Lead are as follows:                                                                                                        




            
  • Perform tasks and complete customer requests using the ServiceNow delivery platform.

    •         
  • Resolve incident tickets issued through ServiceNow.

    •         
  • On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.

    •         
  • Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.

    •         
  • Lead the exploration of emerging technologies by arranging demonstrations, providing technical evaluations, and input to the customer's roadmap development. 

    •         
  • Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline. 

    •         
  • Assist the Program/Project engineers in testing and implementing future enhancements.

    •         
  • Utilize, evaluate and update all engineer instruction sets and SOPs.

    •         
  • Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.

    •         
  • Perform various Linux and Windows systems administration tasks related to the operational system.

    •         
  • Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished.

    •         
  • Operate and multitask in a dynamic high tempo environment.

    •         
  • Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.

    •         
  • Perform work duties in a government environment as part of a multi-contractor team.

    •         
  • Facilitate the enablement, collection, and verification of customer data within SIEM tools.

    •         
  • Develop SIEM search queries to support Enterprise Audit service requirements.

    •         
  • Ability to learn custom audit solutions with advanced parsing techniques

    •         
  • Lead and coordinate Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback



Required Clearance:



TS/SCI with poly (#ts/sci) (#polygraph)



Required Qualifications:




            
  • A minimum of 5+ years overall relevant experience and a Bachelor’s degree or an Associates degree and 7+ years relevant experience or 9+ years overall relevant experience with no degree.

    •         
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification within 6 months

    •         
  • The ideal candidate will be able to work independently and be able to take on tasks quickly with minimal direction.

    •         
  • Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.

    •         
  • Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.

    •         
  • A solid understanding of Windows and Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.

    •         
  • Familiarity with the Certification & Accreditation process is preferable but not required



Desired Qualifications:




            
  • Splunk Certifications

    •         
  • Ability to learn and comprehend from provided training in an individual contributor and team capacity.

    •         
  • Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.

    •         
  • Experience with Linux, Windows Server and workstations, Red Hat and CentOS.

    •         
  • Cloud environment experience and/or certifications.

    •         
  • Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.

    •         
  • Familiarization with ICS 500-27 for Audit collection requirements

    •         
  • Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAM

    •         
  • Ability to clearly articulate ideas for executive – level as well as technical staff consumption

    •         
  • Analytical capability to look for and provide input on process improvements

    •         
  • Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.



Ready to join our team? Apply Today!



 



 






Powered by Jobbex