Systems Administrator (SPLUNK / SIEM)

Fort Meade, MD

Constellation Technologies

Customer-centric and results-driven with a team of Cyber & Intelligence SMEs, Engineers, Technology Integrators & Administrators.

View company page

About us: Mission Driven, Employee Focused
At CTI, you’ll be at the center of an award-winning corporate culture, breaking technological barriers and solving real-world problems for our federal government customers. We are committed to hiring the best of the best, and in return, we offer a world-class, truly unique employee experience that is rare within our industry.
If you’re a technical changemaker with a passion for Cyber Operations, Cloud and Data Analytics, or Engineering, we’re looking for you! Love what you do AND where you work - alongside a supportive, innovative team of like-minded individuals. After all, we know that your best work happens when you live your best life, and we do everything we can to make that possible. Are you ready for your best career move? Intel Agency polygraph is strongly preferred.

Due to Federal contract requirements, US citizenship and a TS/SCI security clearance is required for this position.

CTI is seeking an experienced TS/SCI polygraph cleared Systems Administrator (SPLUNK / SIEM) to support our Intelligence Community customers.

The day-to-day:
As a Systems Administrator you will be responsible for configuring the collection, parsing, correlation, and visualization of events for a critical operational system. She/he will demonstrate strong skills in system administration, log management, event correlation, and threat detection and will support building and maintaining a system that analyzes collected data and derives facts, inferences, and projections to determine if the systems being monitored are operating normally. The individual will work on a team responsible for configuring the systems which support analysts and end-users. The successful candidate will support the collection and extraction of data used to refine existing and new reports, analytics, and dashboards, and will be involved with the drafting and creation of reports and dashboards based on end-user requirements. She/he will also support the integration of resources across teams to better define the audit data being collected to eliminate false positives and false negatives from the data.

The qualifications (required):
·         Must be a US Citizen
·         Must have TS/SCI clearance w/ active polygraph
·         Eight (08) years of applicable related experience.
·         Two (02) years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
·         Experience in design, implementation, and support of Splunk core components, including indexers, forwarders, search heads, and cluster managers.
·         Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
·         Experience with troubleshooting Splunk dataflow issues between the various Splunk core components.
·         Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
·         Experience creating Dashboards and Analytics within SIEM tools.
·         Experience working with monitoring systems supporting auditing, incident response, and system health.
·         Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
·         The ability to troubleshoot issues with log feeds, search time, and field extractions.
·         The ability to troubleshoot problems related to data solutions.
The nice-to-haves (desired, not required):
·         BS degree in Computer Science, Engineering, Information Assurance, or a related technical field.
·         Network Security Operations Center (SOC) experience.
·         Experience and talent in data visualization.
·         Experience creating workflows for Incident Response within a SIEM Tool.
·         Security+ Certification.
·         GIAC Certified Incident Handler Certification.
·         GIAC Cyber Threat Intelligence Certification.
·         Cybersecurity certifications.
·         Formal SIEM training.
·         Experience working on an Agile team/program.

Basic Qualifications:

The benefits package:

• Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
• Dental insurance with 100% employer paid premium
• Vision with 80% employer paid premium
• Employer paid Life insurance 100%
• Employer paid Short-term and Long-term disability 100%
• Annual training, continued education, and professional memberships reimbursement
• Unlimited access to Red Hat Enterprise Linux, AWS, and NetApp training and accreditation
• Annual reimbursement for technology i.e. phones, computers, printers, etc.
• 401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)

The environment and perks:

• Professional development investment and paid time off for training
• Contract and work locations in Maryland, Virginia, Colorado, Texas, California, Florida and Hawaii.
• Team building events throughout the year such as Destination Family Events, Holiday Party, Monthly Get-Togethers
• Leadership Team engagement and mentorship
• Performance Recognition
• Unlimited complimentary branded apparel

Don't see a job opening that's the perfect fit? Apply to our General Position to join our talent pool for consideration for future or potentially unlisted opportunities.

Know someone else who may be a good fit? Refer them through the CTI External Referral Program and you could receive a one-time referral bonus of up to $10,000! Email for more information.

Constellation Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Job applicants can submit questions about CTI’s equal employment opportunity policy to
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Analytics ArcSight Audits AWS Clearance Cloud Computer Science GIAC Incident response Linux Monitoring Network security Polygraph Red Hat Security Clearance SIEM SOC Splunk Threat detection Threat intelligence Tripwire TS/SCI

Perks/benefits: 401(k) matching Career development Health care Insurance Salary bonus Team events Unlimited paid time off

Region: North America
Country: United States
Job stats:  6  0  0
Category: Admin Jobs

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.