Splunk Security Engineer (SIEM)
We are seeking a Security Engineer to optimize SIEM and event management software for a commercial client. The selected candidate will help provide SIEM rule and other tool configuration, engineering and tuning support aligned with change control processes.
- Deep understanding of SIEM technology
- Must have a high aptitude for Security event flow and technologies
- Develop, tune, and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis
- Create signatures, rulesets, and content analysis definitions from various intelligence sources for a variety of security detection capabilities
- Splunk Web Framework (reports/dashboards/etc.)
- Command line and console-based troubleshooting
- Custom parser creation for events in Syslog, ODBC, ad flat file formats
- Advanced correlation and alert rules
- Investigations in Splunk
- Log Source management
- Data flow into and through Splunk
- How to optimize event ingestion, reporting and alerting
- Strong Networking background combined with Strong Security
- Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc.
- Must have ability to support flexible schedule in support of 7x24 staff.
- Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM).
- Strong interpersonal and communications skills
- Ability to solve problems quickly and automate processes.
- A solid understanding of an operating system; understands paging and swapping, inter-process communications, devices and what device drivers do, file system concepts (inode, clustering, logical partitions), can use performance analysis to tune systems.
- A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, the design of consistent network-wide file system layouts.
- Must be well versed in TCP/IP, IPSec, VLANs, system hardening, and troubleshooting.
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.