
Security Engineer

Company:
ARK Solutions, Inc.
Location:
Washington, DC, 20022
Posted:
April 28, 2024

Description:

CLIENT: Federal

Position: Security Engineer / Splunk Engineer

6-month contract

Washington, DC (Onsite)

Education: Bachelor’s degree in Cybersecurity or related field.

Required Skills: Five (5) to seven (7) years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco Client, FireEye, Gigamon).

• Experience working with cloud services such as AWS, Azure and O365 and cloud access security brokers.

• Experience in the use of network monitoring tools with a strong understanding of network protocols.

• Ability to perform security analysis, development and implementation of security policies, standards, and guidelines.

• Ability to quickly explore, examine and understand complex security problems and how they affect a customer's business.

• Experience with both the Linux and Windows operating systems.

Preferred Skills: Splunk Engineer experience.

Day-to-day Responsibilities: Development, deployment, or administration of Splunk.

• Onboard Splunk ES critical data sources: ingest critical data sources and logs from the enterprise into the Security Information and Event Management (SIEM) tool to meet the Splunk Enterprise Security (ES) implementation.

• Normalize Log Data to Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts).

• Create viewable Splunk dashboards to provide visibility into ingested log data.

• Create alerts that trigger on configured settings and send a note, email, or attachments to a particular destination email address or group.

• Create security rules (alerts) that trigger on anomalous activities or threat detections.

• Splunk support: assist customers when log ingestion is not working properly or when there are communication issues with Splunk.

• Resolve Splunk infrastructure or system issues.

• Development, deployment, or administration of VMware, RSA NetWitness, Cisco StealthWatch or similar tools.

• Check virtual server availability, functionality, integrity, and efficiency.

• Manage virtual server resources including performance, capacity, availability, serviceability, and recoverability.

• Monitor and maintain virtual server configuration.

• Diagnose failed servers or connectivity problems.