Senior Cyber Security Engineer

Responsibilities:

• Support the engineering, integration, and administration function required to deliver capabilities and services to the enterprise
• Perform tasks and complete customer requests using the ServiceNow delivery platform
• Resolve incident tickets issued through ServiceNow
• Responsible for supporting the build-out and testing of sophisticated Audit SIEM applications in a physical and virtual environment
• Perform various Linux systems administration tasks related to the operational system: backups, account management, and bash scripting to automate tasks
• Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished
• Operate and multitask in a dynamic high tempo environment 
• Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline
• Perform change request (CR), service request (SR) and request for change (RFC) activities
• Responsible for configuring, installing, and hardening SIEM components and architecture
• Develop custom dashboards to support Enterprise Audit service
• Provide weekly quality of service and account metrics and develop PowerShell scripts to deliver onboarding metrics
• Tier 2 & 3 support to the customer to include troubleshooting and resolution of network and log parsing problems as they occur
• Configuration management to include IP Subnets assigned to Audit, develop and maintain current/future system diagrams and rack elevations, maintaining the configuration baseline for deployed servers, Maintaining and applying security related patches

Required Qualifications

• Active TS/SCI with Polygraph 
• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months
• Minimum Education: B.S. or relevant experience in related field
• Minimum/General Experience: 5-7 years of related experience
• Ability to learn and comprehend from the provided training in an individual contributor and team capacity
• Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment
• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems
• A solid understanding of Linux and Windows systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required

Desired Qualifications

• Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk and ArcSight
• Experience with scripting preferably with Puppet, CHEF or other configuration management tools
• Experience with Linux, Windows Server and workstations, Red Hat and CentOS
• Cloud environment experience and/or certifications
• Experience with 3rd party tools such as SQLServer, Snare, MongoDB, SharePoint Admin, MariaDB, AWS.
• Experience with creating custom parsers to ingest unique metadata into a standardized log format
• Installing, configuring and hardening of VCenter, VMWare, Windows Server 2016 and Hyper V, LINUX OS, and ArcSight application (ArcMC, ESMs, Loggers, and Smart Connectors)
• Risk Management Framework knowledge and experience
• Certification and verification of IT architecture for compliance with security requirements
• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and Enterprise Audit
• Ability to clearly articulate ideas for executive – level as well as technical staff consumption