Splunk ITSI Engineer, TS/SCI (Washington, DC)

Locations available: JBAB (Bolling AFB), DC; Maryland Square, MD; Reston, VA; Quantico, VA; Colorado Springs, CO; Waikiki, HI

An active Top Secret / SCI clearance with the willingness to take and pass a polygraph exam is required for consideration for hire for this role. Work is to be performed 100% onsite with our Government Customer

What You’ll Get To Do:
You will work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients. You’ll use Splunk and integrate it with other state-of-the-art tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and/or Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats. You'll perform hands-on evaluation, implementation, and operation of leading security Cyber defense tools and technologies and apply in-depth defense strategies for large and complex networks to rapidly identify vulnerabilities and threats, prioritizing response actions, including developing effective countermeasures. You’ll support the risk management and security compliance of specified cyber security tools. You'll apply thought leadership to solving complex security challenges in a highly collaborative and innovative work
environment.

You’ll Bring These Qualifications:

• 3+ years of experience utilizing Splunk Enterprise
• Splunk Core Consultant Certification and Splunk IT Service Intelligence (ITSI) Accreditation preferred. The scope of the position is to Looking to design resiliency using ITSI. Customer wants to build out an ITSI application and implement the design. They want to run ITSI at Multiple locations and have one location have overall oversight.          
• Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
• Experience with Splunk performing systems administration, including performing installation, configuration, monitoring
  system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
• Experience creating custom dashboards, writing queries and generating reports, and setting up alerts and notifications
• Familiarity with DoD Risk Management Framework
• Top Secret/SCI clearance with the ability to obtain a Counter-Intelligence polygraph
• Active DoD 8570 IAT Level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP)
• Active DoD 8570 Cybersecurity Service Provider (CSSP) - Infrastructure Support (IS) certification (CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND)
• HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate’s degree and 5+ years of experience with supporting IT projects and activities, or Bachelor’s degree and 3+ years of experience with supporting IT projects and activities
• DoD 8570 IAT Level II Certification, including CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP
• Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification prior to start date 

Nice If You Have:

• Ability to ingest and parse logs within Splunk
• Experience with fields abstraction
• Experience with data modeling using Splunk
• Experience with workflows and drilldown query
• Experience administering Splunk in distributed deployments
• Experience with performing site surveys, data gathering, and research and analysis regarding deploying and implementing security tools
• Splunk Certified Power User or other advanced Splunk Certification
• Experience with DevSecOps and Elasticsearch, Logstash & Kibana (ELK)
• Possession of excellent oral and written communication skills, including using presentation expertise to convey complex
• Ideas to client and internal staff
• Possession of excellent problem-solving skills