This is an excellent opportunity to work with a leading Woman Owned Small Business systems integration company providing innovative solutions in areas of Information Assurance, Cyber Security, Insider Threat, Helpdesk Services and Information Technology. Tanager is currently looking for a Computer Systems Security Analyst (Splunk). The position is located in Woodlawn, Maryland.
CLEARANCE REQUIREMENT: Public Trust - Prefer candidate to already possess an active Public Trust; will consider candidates with the ability to obtain a Public Trust clearance. Must be a US Citizen or US Permanent Resident.
o Write complex SPL to develop advanced Splunk dashboards and queries
o Perform on-boarding of data via Splunk tools and automation methods.
o Work with customers to develop custom content, maintaining consistently high-quality communications with the client
o Create Splunk dashboards and queries.
o Familiar with automating tasks in Splunk
o Develop scripts and code with security tools
o Develop processes and schedule to review existing methodologies and queries for all divisional metrics.
o Become knowledgeable on the CDM technical requirements for the agency's CDM program. Understand your role in CDM activities.
o Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
o Design, manage, and maintain agency SIEM infrastructure to improve data ingestion processes, including architectural work on data pipelines to ensure optimal flow of data.
o Maintain, configure and implement products, appliances and devices on the agency's network
Bachelor's degree and 7 years of experience, Master's degree and 5 years of experience, or 11 years of experience in lieu of a degree
At least 6 years' experience using Splunk, specifically Splunk scripting and on-boarding of large collections of metadata from different sources into Splunk
At least 4 years of experience with:
o In-depth knowledge of designing, upgrading, maintaining and implementing network devices in a large-scale enterprise
o Coordination and communication with other remotely deployed team members
o Developing documentation with processes and procedures
o Proposing and implementing automation features in a large enterprise environment
At least 2 years of experience with:
o Splunk Enterprise Security product and tools
o Risk-based Alerting
o Analytics-driven Security
Hold active Splunk Core Certifications of User, Power User and Admin
Minimum of 3 years of experience in developing and tailoring reporting from network security tools.
o Experience with Splunk Common Information Model (CIM) and Enterprise Analytic
o Experience with Cribl for load balancing data
o Experience using Elastic for cloud storage
o Prior experience supporting government agencies a plus
o Understanding of business processes supporting IT programs, networks, and/or cybersecurity programs
o Understanding of network technologies, work flows, IT reporting, etc.
o Must be a self-starter; the position is remote from the other team members.
o Must communicate clearly to team members and be comfortable with coordination, collaboration and communication when performing network activities