Splunk Engineer

Company: ASRC Federal Holding Company
Location: Washington, DC, 20001
Posted: May 07, 2024

Description:

ASRC Federal Data Networx is seeking candidates to provide IT security support to a government contract in Washington, DC.

Position: Security Operations Center Engineer III

Location: Washington, DC

Clearance: Must be a US Citizen; Active Public Trust, desired.

Summary: Serves as a Splunk expert on a team supporting the Security Operations Center and Incident Response team, proactively monitoring network/bandwidth traffic and/or performance and audit logs to prevent network attacks, and/or reactively identifying network intrusions and/or anomalous security incidents across the enterprise.

Responsibility:

* Utilize Splunk in the performance of security operations center activities.

* Perform malware and malicious file analysis.

* Provide initial analysis and documentation artifacts, and escalate incidents to Incident Responders for detailed analysis and remediation recommendations.

* May conduct Cyber Hunt Teams.

* Perform advanced analysis of warning intelligence data.

* May individually perform these tasks as well as provide supplemental information and analysis for complex issues as required by Incident Responders to implement remediation actions which re-establish the security posture of a technology or enterprise.

* Support the creation of operational policies and identify documentation and/or technology Process Improvements and support implementations as related to Splunk implementation and use.

* Engage customer technical POCs as necessary to perform Splunk duties.

Experience/Education:

* A minimum of 8 years of cybersecurity experience, with at least 4 years working with Splunk.

* Preferred: Splunk Enterprise Certified Architect/Admin, RSA NetWitness Logs & Network Certified Administrator, GIAC Certified Incident Handler (GCIH) and/or other Splunk or related certifications.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Full-time
