ASRC Federal Data Networx is seeking candidates to provide IT security support to a government contract in Washington, DC.
Position: Security Operations Center Engineer III
Location: Washington, DC
Clearance: Must be a US Citizen; Active Public Trust desired.
Summary: Serves as a Splunk expert on a team supporting the Security Operations Center and Incident Response team, proactively monitoring network/bandwidth traffic and/or performance and audit logs to prevent network attacks, and/or reactively identifying network intrusions and/or anomalous security incidents across the enterprise.
Responsibility:
* Utilize Splunk in the performance of security operations center activities.
* Perform malware and malicious file analysis.
* Provide initial analysis and documentation artifacts, and escalate incidents to Incident Responders for detailed analysis and remediation recommendations.
* May conduct Cyber Hunt Teams.
* Perform advanced analysis of warning intelligence data.
* May individually perform these tasks as well as provide supplemental information and analysis for complex issues as required by Incident Responders to implement remediation actions which re-establish the security posture of a technology or enterprise.
* Support the creation of operational policies and identify documentation and/or technology Process Improvements and support implementations as related to Splunk implementation and use.
* Engage customer technical POCs as necessary to perform Splunk duties.
Experience/Education:
* A minimum of 8 years of cyber security experience, with at least 4 years working with Splunk.
* Preferred: Splunk Enterprise Certified Architect/Admin, RSA NetWitness Logs & Network Certified Administrator, GIAC Certified Incident Handler (GCIH) and/or other Splunk or related certifications.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Full-time