Cyber Security Engineer - REMOTE POSITION (Baltimore, MD)

| Baltimore, MD
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Responsibilities & Qualification

RESPONSIBILITIES:

Administer the Splunk based log management system and analyze the current logging capabilities;
Ensure the Agency Information Security systems administered by the Team are sending all required logs to the log management system;
Maintain the Log Management and Security Information and Event Management system to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls (including but not limited to Layer 7 Application Firewalls), proxy servers, DLP, antivirus/endpoint protection software, and vulnerability scanner elements;
Tune the SIEM and IDS/Intrusion Prevention System (IPS) events to minimize false positives;
Enroll NRC network and systems information into the SIEM tool, using information from the Vulnerability and Compliance;
Scanning System (VCSS) and input from ISSOs, and perform asset categorization and privatization;
Tune the capabilities as practicable to improve efficiency and ensure that reporting capabilities of the log management system are working properly;
Validate that agency log retention requirements are configured properly within the agency’s log management system;
Identify shortfalls in the current capability and identify systems that are not sending logs to the agency log management system;
Recommend improvements to current processes;
Provide technical guidance to administrators of other IT systems to ensure their logs are sent to the agency’s log management system;
Configure agency’s log management system role-based access controls so that logs for specific systems can only be accessed by designated administrators.

REQUIRED QUALIFICATIONS:

5 years of experience with Splunk;
Minimum 10 years of relevant experience;
Experience in architecture, design, support, maintenance, and expansion of an enterprise log management/SIEM infrastructure in a highly resilient configuration;
Experience in monitoring an enterprise log management/SIEM server and agent infrastructure for capacity planning and system optimization;
Experience in deployment, configuration, and maintenance of log forwarder agents across a variety of UNIX and Windows platforms;
Experience in collaboration with a variety of IT stakeholders in design and maintenance of production-quality log management/SIEM reports and dashboards to support data analysis and visualization;
Experience in creation and maintenance of documentation related to log management/SIEM infrastructure configuration and operational processes;
Advanced system administration skills with Linux operating systems;
Knowledge of regular expression, scripting, and application development languages (e.g., Python, Perl, JavaScript, Linux shell scripting);
Must be able to successfully obtain a Public Trust;
Telework (local to the DC, Maryland, Virginia area preferred).
More Information on MelkoTech
MelkoTech operates in the Sales industry. The company is located in Reston, VA. MelkoTech was founded in 2018. It has 1 total employees. To see all 19 open jobs at MelkoTech, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView MelkoTech's full profileFind similar jobs