We are seeking dynamic individuals interested in contributing to the growth of a unique venture in our markets. Our ideal candidate possesses a blend of independent work capability and a collaborative team spirit, consistently meeting both team and client expectations.
The ideal candidate will undertake the following duties:
- Development, deployment, or administration of Splunk.
- Development, deployment, or administration of virtual infrastructure, packet capture, NetFlow systems, cloud access security broker (CASB), and similar security tools.
- Development, deployment, or administration of firewalls such as Palo Alto or Checkpoint.
- Development, deployment, or administration of identity management or multifactor systems such as Centrify, Okta, or RSA Security Identity.
- Creation of alerts triggering on configured settings to deploy or send notifications, emails, or attachments to specific destinations or groups.
- Regular review of Web Application Firewall (WAF) events to identify anomalous behavior.
- Creation of security rules (alerts) triggering on anomalous activities or threat detections.
- Resolution of issues with security tools, infrastructure, or systems.
- Checking virtual server availability, functionality, integrity, efficiency, and managing resources including performance, capacity, availability, serviceability, and recoverability.
- Monitoring and maintaining server configuration.
- Diagnosing failed servers or connectivity problems.
- Managing Splunk licenses, indexers, and search heads through configuration management and capacity monitoring.
Note: On-site presence is mandatory for two days per week, either in Washington, DC, or Manassas, VA.
- Four (4) years of experience in Information Technology, Cybersecurity, or a related field.
- Four (4) or more years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs, Identity Management systems, and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco ISE, FireEye, Gigamon), and Web Application Firewalls.
- Experience with both the Linux and Windows operating systems.
- Experience with Splunk.
- Experience working with cloud services such as AWS, Azure, and O365 and cloud access security brokers.
- Experience in the use of network monitoring tools with a strong understanding of network protocols.
- Ability to perform security analysis, development, and implementation of security policies, standards, and guidelines.
- Ability to quickly explore, examine, and understand complex security problems and how they affect a customer's business.
- Enduring Curiosity: A relentless desire to learn and solve complex problems.
- Innate Passion for Challenges: A deep appreciation for the journey and process of mastering skills.
- External Drive for Proficiency: A strong motivation to excel in consulting, IT, cybersecurity, and industry best practices.
Ability to obtain a Public Trust clearance is required. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to sensitive information.